Description

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."

Remediation

References

CVE-2009-4305

Related Vulnerabilities

WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Multiple Cross-Site Request Forgery Vulnerabilities (1.1.4)

Opencart Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-40834)

Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)

WordPress Plugin WordPress Video Player Multiple Vulnerabilities (1.5.4)

WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.5)

Severity

Medium

Classification

CVE-2009-4305 CWE-138

Tags

Missing Update Known Vulnerabilities