Total vulnerabilities in the database
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Software | From | Fixed in |
---|---|---|
moodle / moodle | 1.8.2 | 1.8.2.x |