Description

SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.

Remediation

References

CVE-2012-2363

Related Vulnerabilities

SharePoint CVE-2020-1181 Vulnerability (CVE-2020-1181)

Oracle Database Server CVE-2011-2240 Vulnerability (CVE-2011-2240)

WordPress Credentials Management Errors Vulnerability (CVE-2009-2762)

WordPress Plugin Disqus Comment System Multiple Vulnerabilities (2.75)

WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.3.1)

Severity

Medium

Classification

CVE-2012-2363 CWE-138

Tags

Missing Update Known Vulnerabilities