PHP Object Injection Vulnerability in Moodle Repositories Component

PHP Object Injection Vulnerability in Moodle Repositories Component

CVE-2014-3541 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.

Learn more about our Web Application Penetration Testing UK.