{"title":"Endangered data in Moodle platform with malicious plugins","authors":"Đorđe Milošević, K. Kuk, B. Popović, P. Císar","doi":"10.1109/INFOTEH53737.2022.9751251","DOIUrl":null,"url":null,"abstract":"This paper describes potential endangerment to the database security in an e-learning systems, which directly violates the confidentiality of data use, and various abuses are possible. Special attention is paid to plugins for different CMS platforms, of which there are currently over 1,500 in the official repository as one of the leading ways for compromising database security at the moment. Installed plugins external to e-leaning system as Moodle, lets that system perform a function that's not in environment core, but can be very dangerous. Therefore, Moodle users should consider all the risks involved in installing software add-ons outside official the Moodle plugin download repository. Description of the database security problem is presented via a case study in which the potential endangering to the Moodle database based on the creation of a malicious plugin, vulnerable activities and social engineering attack.","PeriodicalId":6839,"journal":{"name":"2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH)","volume":"2 1","pages":"1-5"},"PeriodicalIF":0.0000,"publicationDate":"2022-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INFOTEH53737.2022.9751251","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
This paper describes potential endangerment to the database security in an e-learning systems, which directly violates the confidentiality of data use, and various abuses are possible. Special attention is paid to plugins for different CMS platforms, of which there are currently over 1,500 in the official repository as one of the leading ways for compromising database security at the moment. Installed plugins external to e-leaning system as Moodle, lets that system perform a function that's not in environment core, but can be very dangerous. Therefore, Moodle users should consider all the risks involved in installing software add-ons outside official the Moodle plugin download repository. Description of the database security problem is presented via a case study in which the potential endangering to the Moodle database based on the creation of a malicious plugin, vulnerable activities and social engineering attack.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
