Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2008-6124 - Vulnerability Database
Moodle

Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2008-6124

High
Reference: CVE-2008-6124
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-6124
Title: Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7 1.7 before 1.7.5 1.8 before 1.8.6 and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.