CVE-2009-4298: Infoleak

First published: Wed Dec 16 2009(Updated: )

The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/softwarecombine
• agent/type
• agent/author
• agent/references
• agent/remedy
• agent/severity
• agent/weakness
• agent/description
• agent/tags
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/first-publish-date
• agent/event
• agent/source
• vendor/moodle
• canonical/moodle moodle
• version/moodle moodle/1.9.4
• version/moodle moodle/1.9.1
• version/moodle moodle/1.8.8
• version/moodle moodle/1.9.6
• version/moodle moodle/1.8.2
• version/moodle moodle/1.9.2
• version/moodle moodle/1.8.5
• version/moodle moodle/1.8.3
• version/moodle moodle/1.8.9
• version/moodle moodle/1.8.7
• version/moodle moodle/1.8.10
• version/moodle moodle/1.9.3
• version/moodle moodle/1.9.5
• version/moodle moodle/1.8.4
• version/moodle moodle/1.8.1