Description
SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Page Contact SQL Injection (1.0)
WordPress Plugin Contact Form 7 Database Addon-CFDB7 CSV Injection (1.2.5.5)
Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038)
Oracle HTTP Server Other Vulnerability (CVE-1999-1125)
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-36400)