Main
Vulnerability Database
Exploits
ID:8191 - Exploit for Server-Side Request Forgery (SSRF) in Moodle - CVE-2018-1042
ID:8191 - Exploit for Server-Side Request Forgery (SSRF) in Moodle - CVE-2018-1042
Published: July 30, 2022
Vulnerability identifier: #VU37616
Vulnerability risk: Medium
CVE-ID: CVE-2018-1042
CWE-ID: CWE-918
Exploitation vector: Remote access
Vulnerable software:
Moodle
Moodle
Link to public exploit:
Vulnerability description
The vulnerability allows a remote authenticated user to gain access to sensitive information.
Moodle 3.x has Server Side Request Forgery in the filepicker.
Remediation
Install update from vendor's website.