Description
SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."
Remediation
References
Related Vulnerabilities
WordPress Plugin Annonces 'theme.php' Arbitrary File Upload (1.2.0.1)
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0305)
Moodle Other Vulnerability (CVE-2004-1978)
WordPress Plugin CMP-Coming Soon & Maintenance by NiteoThemes Security Bypass (3.8.1)
Oracle Database Server CVE-2013-5858 Vulnerability (CVE-2013-5858)