Description
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Clean Up & Optimizer-Clean Up Optimizer SQL Injection (3.0.13)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1161)
WordPress Plugin New Year Firework Cross-Site Scripting (1.1.9)