Description
SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."
Remediation
References
Related Vulnerabilities
Apache Tomcat Improper Input Validation Vulnerability (CVE-2009-0033)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-29052)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6106)
WordPress Plugin Postie Multiple Vulnerabilities (1.9.40)
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)