icon

We found results for “

CVE-2015-2267

Good to know:

icon

Date: June 1, 2015

mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to arbitrary directories via a crafted dataroot value.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Improper Access Control

CWE-284

Top Fix

icon

Upgrade Version

Upgrade to version 2.6.9,2.7.6,2.8.4

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): SINGLE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us