Описание
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
Ссылки
- ExploitVendor Advisory
- PatchVendor Advisory
- Exploit
- ExploitVendor Advisory
- PatchVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:moodle:moodle:1.5.2:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01452
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 19 лет назад
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
debian
больше 19 лет назад
Multiple SQL injection vulnerabilities in the get_record function in d ...
github
около 3 лет назад
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
EPSS
Процентиль: 80%
0.01452
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other