CVE-2006-4937
Moodle < 1.6.2 - Authenticated Sensitive Information Exposure via Error Reporting
Title source: llmDescription
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://docs.moodle.org/en/Release_notes#Moodle_1.6.2
Scores
EPSS
0.0024
EPSS Percentile
47.6%
Details
Status
published
Products (2)
moodle/moodle
1.6.0
moodle/moodle
< 1.6.1
Published
Sep 23, 2006
Tracked Since
Feb 18, 2026