Description
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.
Remediation
References
Related Vulnerabilities
Ruby on Rails Improper Input Validation Vulnerability (CVE-2008-7248)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3481)
WordPress Plugin Forums 'url' Parameter Arbitrary File Disclosure (1.4.3)
WordPress Plugin Zeno Font Resizer Cross-Site Scripting (1.7.9)