CyberSec.Space Logo
Back to CVE Browser

CVE-2006-4942

MEDIUM
4.6
CVSS Severity Score
EPSS Score0.1510%
EPSS Percentile1.82th
PublishedSep 23, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to write LaTeX or MimeTeX output files to the top level of the dataroot directory via (a) filter/algebra/pix.php or (b) filter/tex/pix.php.

Affected Platforms (CPE)

📦
Moodle

Moodle

<= 1.6.1
📦
Moodle

Moodle

= 1.6.0

References & Advisories

🔗 http://docs.moodle.org/en/Release_notes#Moodle_1.6.2
🔗 http://docs.moodle.org/en/Release_notes#Moodle_1.6.2

Related Vulnerabilities

CVE-2004-223510.0

Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.

CVE-2004-223610.0

Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.

CVE-2004-223310.0

Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors.

CVE-2004-223710.0

Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts."