//
http://www.w4cking.com
Product:
moodle 1.6.2
http://www.moodle.org
Vulnerability:
SQL injection
Notes:
- SQL injection can be used to obtain password hash
- the moodle blog "module" must be enabled
- guest access to the blog must be enabled
POC:
/blog
A security vulnerability was recently discovered in all versions of
Moodle 1.6 and later that allows SQL injection. A quick one-line fix has
already been added to CVS to patch this problem for 1.6.x and 1.7 versions.
Update your servers using CVS as soon as possible, or edit the file
blog/index.ph