Unrated severityNVD Advisory· Published Sep 23, 2006· Updated Jun 16, 2026

CVE-2006-4939

Description

backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathname even when debugging is disabled, which might allow attackers to obtain the pathname.

Affected products

Moodle/Moodle3 versions
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*range: <=1.6.1
- cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*
- (no CPE)range: <1.6.2

Patches

Vulnerability mechanics

References

docs.moodle.org/en/Release_notesnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000