Moodle 安全漏洞

漏洞信息详情

Moodle 安全漏洞

• CNNVD编号：CNNVD-200412-150
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2004-2232
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2020-12-03
  
• 厂        商：
  
  moodle
• 漏洞来源：
  The individual res…

Moodle是一套免费、开源的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。

Moodle 1.4.1及其早期版本的Glossary模块的sql.php存在安全漏洞。远程攻击者可以利用该漏洞修改SQL语句。

Although it has been reported that this issue is fixed in version 1.4.2 of the affected software, this is not confirmed. Please contact the vendor for more information.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

来源:SECUNIA

链接:http://secunia.com/advisories/13091

来源:BID

链接:https://www.securityfocus.com/bid/11608

来源:SECTRACK

链接:http://securitytracker.com/id?1012113

来源:OSVDB

链接:http://www.osvdb.org/11427

来源:XF

链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/17965

来源:CONFIRM

链接:http://cvs.sourceforge.net/viewcvs.py/moodle/moodle/mod/glossary/sql.php?r1=1.15.2.2&r2=1.15.2.3