CVE Vulnerabilities

CVE-2012-4400

Published: Sep 19, 2012 | Modified: Dec 01, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.

Affected Software

Name Vendor Start Version End Version
Moodle Moodle 2.2.2 2.2.2
Moodle Moodle 2.2.1 2.2.1
Moodle Moodle 2.2.3 2.2.3
Moodle Moodle 2.2.4 2.2.4
Moodle Moodle 2.2.0 2.2.0

References