CVE-2025-34031 PoC — Moodle LMS Jmol plugin 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-34031.yaml

Associated Vulnerability

Title:Moodle LMS Jmol plugin 安全漏洞 (CVE-2025-34031)
Description:Moodle LMS Jmol plugin是Moodle开源的一款插件。 Moodle LMS Jmol plugin 6.1及之前版本存在安全漏洞，该漏洞源于jsmol.php中query参数未经验证直接传递到file_get_contents函数，可能导致任意文件读取。

Description

Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing attackers to read arbitrary files on the server.

File Snapshot


 id: CVE-2025-34031

info:
  name: Moodle Jmol Filter 6.1 - Local File Inclusion
  author: madrobot
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!