Description
lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-2325 | lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message. |
Github GHSA |
GHSA-47cw-whh9-j2fq | Moodle allows attacks to obtain sensitive information |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T13:03:27.346Z
Reserved: 2014-10-03T00:00:00.000Z
Link: CVE-2014-7848
No data.
Status : Modified
Published: 2014-11-24T11:59:13.260
Modified: 2026-06-17T00:15:49.317
Link: CVE-2014-7848
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD
Github GHSA