7 matches found
Moodle 3.9.x < 3.9.12 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.12, 3.10.x prior to 3.10.9 or 3.11.x prior to 3.11.5. It is, therefore, affected by multiple vulnerabilities: - An SQL injection vulnerability in the h5p activity web service responsible for fetching user attempt data...
Moodle 3.11.x < 3.11.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.12, 3.10.x prior to 3.10.9 or 3.11.x prior to 3.11.5. It is, therefore, affected by multiple vulnerabilities: - An SQL injection vulnerability in the h5p activity web service responsible for fetching user attempt data...
Moodle 3.11.4 SQL Injection
Exploit Title: Moodle 3.11.4 - SQL Injection Date: 30/01/2022 Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...
Moodle 3.11.4 - SQL Injection
Exploit Title: Moodle 3.11.4 - SQL Injection Date: 30/01/2022 Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...
Moodle 3.11.4 - SQL Injection Vulnerability
Exploit Title: Moodle 3.11.4 - SQL Injection Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...
Exploit for SQL Injection in Moodle
CVE-2022-0332 Moodle 3.11 to 3.11.4 - SQL injection...
CVE-2022-0332
CVE-2022-0332 affects Moodle 3.11–3.11.4, where an SQL injection vulnerability exists in the h5p activity web service used to fetch user attempt data. Root cause: inadequate sanitization/validation of inputs in mod_h5pactivity_get_user_attempts, enabling attacker-controlled SQL fragments. Impact ...