{"uuid": "8f82801b-6581-4486-b8d7-9aaf8016c719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43425", "type": "seen", "source": "https://t.me/brutsecurity/848", "content": "CVE-2024-43425: RCE in Moodle, PoC is available \ud83d\udd25\ud83d\udd25\ud83d\udd25\n\nDue to incomplete sanitization in the \u201ccalculated questions\u201d feature, attackers can transmit and execute arbitrary code, which can be used to disclose students\u2019 confidential information or disrupt the entire learning process.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/6WaFx\n\ud83d\udc49 Dork: http.headers.set_cookie:\"MoodleSession\"\n\nRead more: https://blog.redteam-pentesting.de/2024/moodle-rce/", "creation_timestamp": "2026-07-09T03:00:12.949630Z"}