Description

SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter.

Remediation

References

CVE-2006-5219

Related Vulnerabilities

WordPress Plugin PhastPress Open Redirect (1.110)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-8874)

Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)

WordPress Plugin W3 Total Cache Multiple Unspecified Vulnerabilities (0.9.5.1)

MongoDb Out-of-bounds Write Vulnerability (CVE-2021-32040)

Severity

Medium

Classification

CVE-2006-5219

Tags

Missing Update Known Vulnerabilities