{"title":"在Moodle平台使用恶意插件危害数据","authors":"Đorđe Milošević, K. Kuk, B. Popović, P. Císar","doi":"10.1109/INFOTEH53737.2022.9751251","DOIUrl":null,"url":null,"abstract":"This paper describes potential endangerment to the database security in an e-learning systems, which directly violates the confidentiality of data use, and various abuses are possible. Special attention is paid to plugins for different CMS platforms, of which there are currently over 1,500 in the official repository as one of the leading ways for compromising database security at the moment. Installed plugins external to e-leaning system as Moodle, lets that system perform a function that's not in environment core, but can be very dangerous. Therefore, Moodle users should consider all the risks involved in installing software add-ons outside official the Moodle plugin download repository. Description of the database security problem is presented via a case study in which the potential endangering to the Moodle database based on the creation of a malicious plugin, vulnerable activities and social engineering attack.","PeriodicalId":6839,"journal":{"name":"2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH)","volume":"2 1","pages":"1-5"},"PeriodicalIF":0.0000,"publicationDate":"2022-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Endangered data in Moodle platform with malicious plugins\",\"authors\":\"Đorđe Milošević, K. Kuk, B. Popović, P. Císar\",\"doi\":\"10.1109/INFOTEH53737.2022.9751251\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes potential endangerment to the database security in an e-learning systems, which directly violates the confidentiality of data use, and various abuses are possible. Special attention is paid to plugins for different CMS platforms, of which there are currently over 1,500 in the official repository as one of the leading ways for compromising database security at the moment. Installed plugins external to e-leaning system as Moodle, lets that system perform a function that's not in environment core, but can be very dangerous. Therefore, Moodle users should consider all the risks involved in installing software add-ons outside official the Moodle plugin download repository. Description of the database security problem is presented via a case study in which the potential endangering to the Moodle database based on the creation of a malicious plugin, vulnerable activities and social engineering attack.\",\"PeriodicalId\":6839,\"journal\":{\"name\":\"2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH)\",\"volume\":\"2 1\",\"pages\":\"1-5\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-03-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INFOTEH53737.2022.9751251\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INFOTEH53737.2022.9751251","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Endangered data in Moodle platform with malicious plugins
This paper describes potential endangerment to the database security in an e-learning systems, which directly violates the confidentiality of data use, and various abuses are possible. Special attention is paid to plugins for different CMS platforms, of which there are currently over 1,500 in the official repository as one of the leading ways for compromising database security at the moment. Installed plugins external to e-leaning system as Moodle, lets that system perform a function that's not in environment core, but can be very dangerous. Therefore, Moodle users should consider all the risks involved in installing software add-ons outside official the Moodle plugin download repository. Description of the database security problem is presented via a case study in which the potential endangering to the Moodle database based on the creation of a malicious plugin, vulnerable activities and social engineering attack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
