{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T01:29:21.421","vulnerabilities":[{"cve":{"id":"CVE-2018-1133","sourceIdentifier":"secalert@redhat.com","published":"2018-05-25T12:29:00.230","lastModified":"2024-11-21T03:59:15.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection."},{"lang":"es","value":"Se ha descubierto un problema en Moodle 3.x. Si un profesor crea una pregunta \"Calculated\", puede provocar intencionadamente la ejecución remota de código en el servidor. Esto también se conoce como \"eval injection\"."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndIncluding":"3.1.11","matchCriteriaId":"075775AB-928E-42E6-A8C8-90C151B1F031"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndIncluding":"3.2.8","matchCriteriaId":"56C70846-B851-4FB8-AD01-88318B41DE70"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndIncluding":"3.3.5","matchCriteriaId":"ABAE5044-56A2-4243-A7C1-2219DC62D1C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.2","matchCriteriaId":"852FF021-18B1-4273-ACD9-0E1C53AC39EC"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/104307","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=371199","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/46551/","source":"secalert@redhat.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/104307","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=371199","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/46551/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}}]}