Miggo Logo
Miggo Vulnerability Database
CVE-2016-9187

CVE-2016-9187: Moodle Unrestricted file upload vulnerability

8.8

CVSS Score
3.0

Basic Information

CVE ID
CVE-2016-9187
GHSA ID
GHSA-58fm-v4pr-jh8p
EPSS Score
0.86639%
CWE
CWE-434
Published
5/17/2022
Updated
4/23/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
moodle/moodlecomposer>= 2.0.1, <= 3.2.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The provided vulnerability descriptions reference the 'image module' and double extension handling but do not specify concrete function names or file paths. While the vulnerability likely exists in functions related to file upload validation (e.g., filename parsing, MIME type detection, or extension filtering), Moodle's architecture and the lack of patch/commit details make it impossible to identify specific functions with high confidence. The CWE-434 classification confirms the pattern, but insufficient implementation details prevent precise function identification.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Unr*stri*t** *il* uplo** vuln*r**ility in t** *ou*l* *xt*nsion support in t** "im***" mo*ul* in Moo*l* *.*.* *llows r*mot* *ut**nti**t** us*rs to *x**ut* *r*itr*ry *o** *y uplo**in* * *il* wit* *n *x**ut**l* *xt*nsion, *n* t**n ****ssin* it vi* unsp*

Reasoning

T** provi*** vuln*r**ility **s*riptions r***r*n** t** 'im*** mo*ul*' *n* *ou*l* *xt*nsion **n*lin* *ut *o not sp**i*y *on*r*t* *un*tion n*m*s or *il* p*t*s. W*il* t** vuln*r**ility lik*ly *xists in *un*tions r*l*t** to *il* uplo** v*li**tion (*.*., `