CVE-2025-34031 Scanner

CVE-2025-34031 Scanner - Local File Inclusion (LFI) vulnerability in Moodle Jmol Filter

Short Info

Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 10 days 4 hours
Scan only one: URL
Toolbox: -

Moodle is a widely used open-source learning management system employed by educational institutions and organizations worldwide. The Jmol Filter in Moodle adds the ability to display interactive 3D molecular structures within course materials. However, like any software component, it can contain vulnerabilities that put educational data at risk. This scanner specifically targets the Jmol Filter component for security evaluation. Regular scanning and prompt application of fixes are crucial for keeping Moodle operating securely.

Local File Inclusion (LFI) is a security vulnerability that allows an attacker to make a web application include files from the server through requests sent from a web browser. It usually occurs when the web application uses a file path taken from user input without adequate sanitization. This can lead to potentially devastating consequences, such as exposing sensitive information stored on the server. The vulnerability detected in Moodle Jmol Filter can compromise the confidentiality and security of the server.

Moodle Jmol Filter 6.1 is prone to Local File Inclusion through its jsmol.php file. Attackers can leverage this vulnerability by manipulating the 'call' parameter to include unauthorized files. The vulnerability typically affects the getRawDataFromDatabase function. Key files such as '/etc/passwd' could be exposed, escalating the risk of data exposure. Proper sanitization of file paths is necessary to mitigate such risks.

Exploiting this vulnerability could allow an attacker to read sensitive server files, leading to information disclosure. It might expose user credentials or other confidential data contained within local server files. In some instances, it could also facilitate remote code execution if combined with other vulnerabilities. Immediate steps to correct this issue include applying updates or patches provided by the developers.
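For asset owners who want to check whether such requests have already reached their server, the following added example (not part of the scanner or of Moodle) reviews web access logs for jsmol.php requests that select getRawDataFromDatabase and carry a parameter value pointing at a local file. The log lines, the PLACEHOLDER path segment, the `arg` parameter name and the pattern set are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Values that point at a local file. Illustrative pattern set (assumption), not a vendor signature.
LOCAL_FILE_HINTS = re.compile(r"^file:|\.\./|\.\.\\|^/etc/|^/proc/|^[a-z]:\\", re.IGNORECASE)

# Request portion of a combined-format access log line.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Constructed sample lines; the PLACEHOLDER path segment and the "arg" parameter name are hypothetical.
SAMPLE_LOG = [
    '198.51.100.4 - - [01/Jul/2025:09:58:11 +0000] "GET /moodle/PLACEHOLDER/jsmol.php?call=getRawDataFromDatabase&arg=caffeine HTTP/1.1" 200 812',
    '203.0.113.7 - - [01/Jul/2025:10:00:00 +0000] "GET /moodle/PLACEHOLDER/jsmol.php?call=getRawDataFromDatabase&arg=%2Fetc%2Fpasswd HTTP/1.1" 200 1532',
    '203.0.113.7 - - [01/Jul/2025:10:00:02 +0000] "GET /moodle/login/index.php?next=../home HTTP/1.1" 200 4410',
]

def suspicious_jsmol_requests(log_lines):
    """Return one finding per jsmol.php request whose parameters reference a local file."""
    findings = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/jsmol.php"):
            continue
        params = parse_qsl(url.query, keep_blank_values=True)  # percent-decodes once
        if not any(k.lower() == "call" and v == "getRawDataFromDatabase" for k, v in params):
            continue
        hits = [(k, v) for k, v in params if k.lower() != "call" and LOCAL_FILE_HINTS.search(v)]
        if hits:
            # A 2xx status means the server answered the request; prioritise those for review.
            findings.append({"ip": m["ip"], "status": int(m["status"]), "params": hits})
    return findings

if __name__ == "__main__":
    for f in suspicious_jsmol_requests(SAMPLE_LOG):
        print(f)
```

This only sees parameters carried in the logged request line, so requests that send their parameters in a POST body need request-body logging or a WAF rule to be covered.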
