Description
SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2002-0936)
Oracle Database Server CVE-2011-0811 Vulnerability (CVE-2011-0811)
Internet Information Services Other Vulnerability (CVE-1999-0154)
Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-2305)