CVE-2006-4938

Moodle < 1.6.2 - Authenticated Path Disclosure via Help File Inclusion

Title source: llm

Description

help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might allow remote authenticated users to obtain the path in an error message.

References (1)

Core 1

Core References

Various Sources x_refsource_confirm

http://docs.moodle.org/en/Release_notes#Moodle_1.6.2

Scores

EPSS 0.0024

EPSS Percentile 47.6%

Details

Status published

Products (2)

moodle/moodle 1.6.0

moodle/moodle < 1.6.1

Published Sep 23, 2006

Tracked Since Feb 18, 2026