CVE-2014-3541

Published: Jul 29, 2014Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.

Affected (35)

Products: Moodle: Moodle

Moodle

1 product

Moodle

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Moodle Moodle	Version 2.4.0
Moodle Moodle	Version 2.4.10
Moodle Moodle	Version 2.4.1
Moodle Moodle	Version 2.4.2
Moodle Moodle	Version 2.4.3
Moodle Moodle	Version 2.4.4
Moodle Moodle	Version 2.4.5
Moodle Moodle	Version 2.4.6
Moodle Moodle	Version 2.4.7
Moodle Moodle	Version 2.4.8
Moodle Moodle	Version 2.4.9

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Moodle Moodle	Version 2.5.0
Moodle Moodle	Version 2.5.1
Moodle Moodle	Version 2.5.2
Moodle Moodle	Version 2.5.3
Moodle Moodle	Version 2.5.4
Moodle Moodle	Version 2.5.5
Moodle Moodle	Version 2.5.6

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Moodle Moodle	Version 2.7.0

Configuration D

12 vulnerable

Vulnerable Software	Affected Versions
Moodle Moodle	Up to 2.3.11
Moodle Moodle	Version 2.3.0
Moodle Moodle	Version 2.3.10
Moodle Moodle	Version 2.3.1
Moodle Moodle	Version 2.3.2
Moodle Moodle	Version 2.3.3
Moodle Moodle	Version 2.3.4
Moodle Moodle	Version 2.3.5
Moodle Moodle	Version 2.3.6
Moodle Moodle	Version 2.3.7
Moodle Moodle	Version 2.3.8
Moodle Moodle	Version 2.3.9