Family: CGI abuses --> Category: infos
Moodle < 1.6.2 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks if Moodle's jumpto.php requires a sesskey
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that suffers from
The installed version of Moodle fails to sanitize user-supplied input
to a number of parameters and scripts. A possible hacker may be able to
leverage these issues to launch SQL injection and cross-site scripting
attacks against the affected application.
See also :
Upgrade to Moodle version 1.6.2 or later.
High / CVSS Base Score : 7.0
Click HERE for more information and discussions on this network vulnerability scan.