Moodle Backup Restore Functionality Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in Moodle's backup restore feature due to inadequate validation of backup file contents. This flaw allows authenticated users with restore permissions to upload malicious Moodle backup files that can execute arbitrary PHP code on the server. Successful exploitation could lead to a complete compromise of the Moodle instance, including unauthorized data access, system modifications, or service disruptions.

Impact

Exploitation of this vulnerability could result in full compromise of the Moodle server, allowing unauthorized access to data, system modifications, or disruption of services.

Added: Feb 21, 2026, 6:32 AM

Updated: Feb 21, 2026, 6:32 AM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Moodle Backup Restore Functionality Remote Code Execution Vulnerability

Vulnerability

Impact

Affected Products

Moodle

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating