Description

Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.

Remediation

References

CVE-2005-3648

Related Vulnerabilities

SharePoint CVE-2023-24954 Vulnerability (CVE-2023-24954)

WordPress Plugin Generate PDF using Contact Form 7 Cross-Site Scripting (3.5)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (3.0.30)

OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738)

OpenSSL Resource Management Errors Vulnerability (CVE-2006-2937)

Severity

High

Classification

CVE-2005-3648

Tags

Missing Update Known Vulnerabilities