Description

SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.

Remediation

References

CVE-2012-3395

Related Vulnerabilities

MySQL CVE-2022-21330 Vulnerability (CVE-2022-21330)

ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27008)

WordPress Plugin WP Bannerize SQL Injection (4.0.2)

OpenSSL CVE-2021-4160 Vulnerability (CVE-2021-4160)

MySQL CVE-2017-3633 Vulnerability (CVE-2017-3633)

Severity

Medium

Classification

CVE-2012-3395 CWE-138

Tags

Missing Update Known Vulnerabilities