2 matches found
CVE-2005-3648
Multiple SQL injection vulnerabilities in the getrecord function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in 1 category.php and 2 info.php...
CVE-2005-3648
CVE-2005-3648 (Moodle 1.5.2) Multiple SQL injection vulnerabilities exist in the get_record function of datalib.php, allowing remote attackers to inject arbitrary SQL via the id parameter in category.php and info.php. Root cause is improper input handling in Moodle’s database queries. Documents d...