CVE-2014-0217 in Moodle信息

摘要

由 VulDB • 2026-06-25

Moodle 2.6.x(低于 2.6.3)版本中的 enrol/index.php 在列出隐藏课程之前未检查 moodle/course:viewhiddencourses 权限,这使得远程攻击者能够通过利用访客角色并访问精心构造的 URL,获取这些课程的敏感名称和摘要信息。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Want to know what is going to be exploited?

We predict KEV entries!