Moodle allows an authenticated administrator to define spellcheck settings via the web interface. An administrator can update the aspell path to include a command injection. This is extremely similar to CVE-2013-3630, just using a different variable. This Metasploit module was tested against Moodle versions 3.11.2, 3.10.0, and 3.8.0.
33c8bb6a0f9058457ef9ea11c88cb44a8e6a479225f59eb841f22283ace6b68d