A Remote Code Execution (RCE) vulnerability has been found in filter/tex/texed.php. Due to the fact this file does not properly check the input parameters, it is possible to exploit this vulnerability in order to execute arbitrary commands on the target server. In order to exploit this vulnerability register_globals must be enabled (in PHP), magic_quotes must be disabled, and the TeX Notation filter in Moodle must be turned on.
Product Name