ID de Prueba:	1.3.6.1.4.1.25623.1.0.15639
Categoría:	Web application abuses
Título:	Moodle SQL injection flaws
Resumen:	The remote version of Moodle is vulnerable to a SQL; injection issue in 'glossary' module due to a lack of user input sanitization.
Descripción:	Summary: The remote version of Moodle is vulnerable to a SQL injection issue in 'glossary' module due to a lack of user input sanitization. Affected Software/OS: Moodle prior to version 1.4.3. Solution: Upgrade to Moodle 1.4.3 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1424 BugTraq ID: 12120 http://www.securityfocus.com/bid/12120 Bugtraq: 20041227 Multiple Vulnerabilities in Moodle (Google Search) http://marc.info/?l=bugtraq&m=110425409614735&w=2 Bugtraq: 20041230 Re: Multiple Vulnerabilities in Moodle (Google Search) http://marc.info/?l=bugtraq&m=110444531816566&w=2 http://secunia.com/advisories/13694 XForce ISS Database: moodle-view-search-xss(18702) https://exchange.xforce.ibmcloud.com/vulnerabilities/18702 Common Vulnerability Exposure (CVE) ID: CVE-2004-1425 XForce ISS Database: moodle-directory-traversal(18550) https://exchange.xforce.ibmcloud.com/vulnerabilities/18550 Common Vulnerability Exposure (CVE) ID: CVE-2004-2232 BugTraq ID: 11608 http://www.securityfocus.com/bid/11608 http://www.osvdb.org/11427 http://securitytracker.com/id?1012113 http://secunia.com/advisories/13091 XForce ISS Database: moodle-glossary-sql-injection(17965) https://exchange.xforce.ibmcloud.com/vulnerabilities/17965
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.