| Vulnerability Name: | CVE-2006-4938 (CCN-28903) | ||||||||
| Assigned: | 2006-09-13 | ||||||||
| Published: | 2006-09-13 | ||||||||
| Updated: | 2020-12-01 | ||||||||
| Summary: | help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might allow remote authenticated users to obtain the path in an error message. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-4786 Source: MITRE Type: CNA CVE-2006-4938 Source: MITRE Type: CNA CVE-2006-4939 Source: CONFIRM Type: UNKNOWN http://docs.moodle.org/en/Release_notes#Moodle_1.6.2 Source: CCN Type: Moodle Web site A Free, Open Source Course Management System for Online Learning Source: CCN Type: SA21899 Moodle Multiple Vulnerabilities Source: CCN Type: OSVDB ID: 28795 Moodle help.php Information Disclosure Source: CCN Type: OSVDB ID: 28796 Moodle Scheduled Backup Information Disclosure Source: CCN Type: BID-19995 Moodle Multiple Input Validation and Information Disclosure Vulnerabilities Source: XF Type: UNKNOWN moodle-help-information-disclosure(28903) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||