Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2009-4305 - Vulnerability Database
Moodle

Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2009-4305

Medium
Reference: CVE-2009-4305
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2009-4305
Title: Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an quotescaping issue when processing AICC CRS file (Course_Title).quot