Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2006-4942

Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to write LaTeX or MimeTeX output files to the top level of the dataroot directory via (a) filter/algebra/pix.php or (b) filter/tex/pix.php.

  • Published: Sep 23, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-4942
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.6
  • AV:N/AC:H/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
moodle / moodle - 1.6.1.x
moodle / moodle 1.6.0 1.6.0.x