3 matches found
moodle162.txt
// http://www.w4cking.com Product: moodle 1.6.2 http://www.moodle.org Vulnerability: SQL injection Notes: - SQL injection can be used to obtain password hash - the moodle blog "module" must be enabled - guest access to the blog must be enabled POC:...
CVE-2006-5219
SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter...
CVE-2006-5219
Moodle 1.6.2 is affected by CVE-2006-5219 due to an SQL injection in blog/index.php of the blog module. The vulnerability is triggered via a double-encoded tag parameter, enabling remote attackers to execute arbitrary SQL commands. The issue impacts the Moodle 1.6.2 blog feature; CVSSv2 base scor...