High severity8.8NVD Advisory· Published May 25, 2018· Updated Jun 17, 2026
CVE-2018-1133
CVE-2018-1133
Description
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.1, < 3.1.12 | 3.1.12 |
moodle/moodlePackagist | >= 3.2, < 3.2.9 | 3.2.9 |
moodle/moodlePackagist | >= 3.3, < 3.3.6 | 3.3.6 |
moodle/moodlePackagist | >= 3.4, < 3.4.3 | 3.4.3 |
Affected products
1Patches
Vulnerability mechanics
References
6- moodle.org/mod/forum/discuss.phpnvdPatchVendor AdvisoryWEB
- www.exploit-db.com/exploits/46551/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/104307nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-xh2j-q4mc-v522ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1133ghsaADVISORY
- www.exploit-db.com/exploits/46551ghsaWEB
News mentions
0No linked articles in our index yet.