Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Other Vulnerability (CVE-2006-6626)

Description

Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941.

Remediation

References

Related Vulnerabilities

Sqlite CVE-2021-20223 Vulnerability (CVE-2021-20223)

Oracle Application Server Other Vulnerability (CVE-2002-1632)

WordPress 4.4.x PHP Object Injection (4.4 - 4.4.24)

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2013-6358)

WordPress Plugin Templatic Tevolution Arbitrary File Upload (2.3.6)

Severity

Medium

Classification

CVE-2006-6626

Tags

Missing Update Known Vulnerabilities