CVE-2020-14321

This repository contains a Python script that exploits CVE-2020-14321, a privilege escalation vulnerability in Moodle allowing a teacher role to escalate to manager and achieve remote code execution (RCE). The script supports both credential-based and cookie-based authentication.

This is a functional exploit for CVE-2020-14321, targeting Moodle 3.9. It leverages a privilege escalation vulnerability from the teacher role to manager, enabling remote code execution (RCE) via plugin installation.

This is a modified exploit for CVE-2020-14321, targeting Moodle for privilege escalation. It leverages a vulnerability to escalate a teacher's privileges to a manager role within a course.

This Metasploit module exploits a privilege escalation chain in Moodle (CVE-2020-14321) to achieve RCE by abusing teacher enrollment to gain manager privileges, then uploading a malicious theme. It requires authentication and multiple steps to succeed.