Multiple SQL injection vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation in some forms elements" related to lib/form/selectgroups.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 1.8.6 |
||
moodle moodle 1.8.5 |
||
moodle moodle 1.8.11 |
||
moodle moodle 1.9.4 |
||
moodle moodle 1.9.3 |
||
moodle moodle 1.8.4 |
||
moodle moodle 1.9.5 |
||
moodle moodle 1.9.2 |
||
moodle moodle 1.8.8 |
||
moodle moodle 1.8.2 |
||
moodle moodle 1.8.1 |
||
moodle moodle 1.9.1 |
||
moodle moodle 1.8.7 |
||
moodle moodle 1.8.9 |
||
moodle moodle 1.8.3 |
||
moodle moodle 1.8.10 |
||
moodle moodle 1.9.6 |
||
moodle moodle 1.9.7 |