Exploit for #VU75601 External Control of File Name or Path in Moodle

Exploit for #VU75601 External Control of File Name or Path in Moodle

Published: 2024-03-22 | Updated: 2024-04-09

Vulnerability identifier: #VU75601

Vulnerability risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-30943

CWE-ID: CWE-73

Exploitation vector: Network

Exploits in database: 2

April 9, 2024
- CVE-2023-30943 (CVE-2023-30943 RCE PoC) [Github]
March 22, 2024
- CVE-2023-30943 (CVE-2023-30943 (Moodle XSS)) [Github]

Impact: Data manipulation

Vulnerable software:
Moodle
Web applications / Other software

Vendor: moodle.org