Description

SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.

Remediation

References

CVE-2012-3395

Related Vulnerabilities

MySQL CVE-2013-5891 Vulnerability (CVE-2013-5891)

WordPress Plugin Portfolio Gallery-Photo Gallery Cross-Site Scripting (2.2.2)

WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0)

WordPress Plugin WPFront User Role Editor Multiple Cross-Site Scripting Vulnerabilities (2.13)

Joomla Improper Authentication Vulnerability (CVE-2014-6632)

Severity

Medium

Classification

CVE-2012-3395 CWE-138

Tags

Missing Update Known Vulnerabilities