4 matches found
CVE-2006-4896
This CVE-2006-4896 entry is rejected and should not be used as an active vulnerability reference.
Moodle < 1.6.2 Multiple Vulnerabilities
The installed version of Moodle fails to sanitize user-supplied input to a number of parameters and scripts. An attacker can leverage these issues to launch SQL injection and cross-site scripting attacks against the affected application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
Moodle