CVE-2011-4280

Moodle 2.0-2.0.2 - Cross-Site Scripting via Spike PHPCoverage Library

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4280. PoCs published by AutoSec Tools.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Moodle versions prior to 2.0.1, where user-supplied input is not properly sanitized. The exploit involves injecting malicious scripts via the `PHPCOVERAGE_HOME` parameter in a specific URL.

Description

Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Exploits (1)

exploitdb WRITEUP VERIFIED
by AutoSec Tools · textwebappsphp
https://www.exploit-db.com/exploits/35297

The provided text describes a cross-site scripting (XSS) vulnerability in Moodle versions prior to 2.0.1, where user-supplied input is not properly sanitized. The exploit involves injecting malicious scripts via the `PHPCOVERAGE_HOME` parameter in a specific URL.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Moodle < 2.0.1
No auth needed
Prerequisites: Access to the vulnerable Moodle instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

EPSS 0.0137
EPSS Percentile 80.7%

Details

CWE
CWE-79
Status published
Products (4)
moodle/moodle 2.0.0
moodle/moodle 2.0.1
moodle/moodle 2.0 - 2.0.2Packagist
nimish_pachapurkar/spike_phpcoverage
Published Jul 16, 2012
Tracked Since Feb 18, 2026