Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-3395 - Vulnerability Database
Moodle

Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-3395

Medium
Reference: CVE-2012-3395
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-3395
Title: Moodle Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10 2.1.x before 2.1.7 and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.