backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathname even when debugging is disabled, which might allow attackers to obtain the pathname.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Moodle | Moodle | * | 1.6.1 |
Moodle | Moodle | 1.6.0 | 1.6.0 |