CVE-2009-4304

CVE-2009-4304 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

Learn more about our Web Application Penetration Testing UK.