Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2006-4937

lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages.

Published: Sep 23, 2006
Updated: Nov 9, 2025
CVE: CVE-2006-4937
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
moodle / moodle	-	1.6.1.x
moodle / moodle	1.6.0	1.6.0.x

http://docs.moodle.org/en/Release_notes#Moodle_1.6.2

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo