Summary
The remote host is running a version of the Moodle suite, an open-source course management system written in PHP, which is older than version 1.4.3.
The remote version of this software is vulnerable to SQL injection issue in 'glossary' module due to a lack of user input sanitization.
Solution
Upgrade to Moodle 1.4.3 or later.
Severity
Classification
-
CVE CVE-2004-1424, CVE-2004-1425, CVE-2004-2232 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- AlefMentor Multiple SQL Injection Vulnerabilities
- Advantech Studio 'NTWebServer.exe' Directory Traversal Vulnerability
- artmedic_links5 File Inclusion Vulnerability
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability