Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2009-4305

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."

  • Published: Dec 16, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-4305
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
moodle / moodle 1.9.4 1.9.4.x
moodle / moodle 1.9.1 1.9.1.x
moodle / moodle 1.8.8 1.8.8.x
moodle / moodle 1.9.6 1.9.6.x
moodle / moodle 1.8.2 1.8.2.x
moodle / moodle 1.9.2 1.9.2.x
moodle / moodle 1.8.5 1.8.5.x
moodle / moodle 1.8.3 1.8.3.x
moodle / moodle 1.8.9 1.8.9.x
moodle / moodle 1.8.7 1.8.7.x
moodle / moodle 1.8.10 1.8.10.x
moodle / moodle 1.9.3 1.9.3.x
moodle / moodle 1.9.5 1.9.5.x
moodle / moodle 1.8.4 1.8.4.x
moodle / moodle 1.8.1 1.8.1.x