Search for packages
| purl | pkg:composer/moodle/moodle@2.3.3 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6fbt-nz6e-nbd2
Aliases: CVE-2012-6099 GHSA-cr78-rphw-w73p |
Moodle Arbitrary File Read via Backup Functionality The moodle1 backup converter in `backup/converter/moodle1/lib.php` in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration feature. |
Affected by 227 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 230 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T18:13:21.242266+00:00 | GitLab Importer | Affected by | VCID-6fbt-nz6e-nbd2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2012-6099.yml | 36.1.3 |
| 2025-07-01T18:13:15.272697+00:00 | GitLab Importer | Fixing | VCID-bvjv-cdnz-hfe5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2012-5471.yml | 36.1.3 |
| 2025-07-01T14:32:16.459971+00:00 | GHSA Importer | Fixing | VCID-bvjv-cdnz-hfe5 | https://github.com/advisories/GHSA-mpjx-8phj-5m34 | 36.1.3 |
| 2025-07-01T14:32:15.265240+00:00 | GHSA Importer | Affected by | VCID-6fbt-nz6e-nbd2 | https://github.com/advisories/GHSA-cr78-rphw-w73p | 36.1.3 |
| 2025-07-01T12:28:02.007909+00:00 | GithubOSV Importer | Fixing | VCID-bvjv-cdnz-hfe5 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mpjx-8phj-5m34/GHSA-mpjx-8phj-5m34.json | 36.1.3 |