SQL Injection
moodle/moodle is vulnerable to SQL Injection attacks. The vulnerability is due to improper sanitization located in the sort parameter of the enrolgetmycourses function in enrollib.php which allows a malicious attacker to inject and execute arbitrary SQL queries on the system when fetching courses...