Description

SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter.

Remediation

References

CVE-2006-5219

Related Vulnerabilities

WordPress Plugin WP e-Commerce Predictive Search Cross-Site Scripting (1.1.1)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-10160)

Oracle Database Server Other Vulnerability (CVE-1999-0888)

WordPress Plugin Custom 404 Pro Unspecified Vulnerability (3.7.0)

jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)

Severity

Medium

Classification

CVE-2006-5219

Tags

Missing Update Known Vulnerabilities