CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-4942

MEDIUM
4.6
CVSS Severity Score
EPSS Score0.1510%
EPSS Percentile1.82th
Published2006年9月23日
Last Modified2026年4月16日

Vulnerability Description

Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to write LaTeX or MimeTeX output files to the top level of the dataroot directory via (a) filter/algebra/pix.php or (b) filter/tex/pix.php.

Affected Platforms (CPE)

📦
Moodle

Moodle

<= 1.6.1
📦
Moodle

Moodle

= 1.6.0

References & Advisories

🔗 http://docs.moodle.org/en/Release_notes#Moodle_1.6.2
🔗 http://docs.moodle.org/en/Release_notes#Moodle_1.6.2

相关漏洞威胁

CVE-2004-223510.0

Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.

CVE-2004-223610.0

Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.

CVE-2004-223310.0

Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors.

CVE-2004-223710.0

Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts."