Similar hacks have been discussed here:
http://moodle.org/mod/forum/discuss.php?d=111710#p490453 Affected sites seem to be all running PHP with register_global turned on, which is a really bad idea and not recommended by Moodle.
- Moodle 1.9.3 Remote Code Execution ascii
- Re: Moodle 1.9.3 Remote Code Execution lent
- Re: Moodle 1.9.3 Remote Code Execution Jamie Riden
- Re: Re: Moodle 1.9.3 Remote Code Execution martin
- Re: Moodle 1.9.3 Remote Code Execution hackeriri
