Test ID:	1.3.6.1.4.1.25623.1.0.100569
Category:	Web application abuses
Title:	Moodle 1.8.x < 1.8.12, 1.9.x < 1.9.8 Multiple Vulnerabilities
Summary:	Moodle is prone to multiple vulnerabilities.
Description:	Summary: Moodle is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - multiple cross-site scripting issues - a security-bypass issue - an information-disclosure issue - multiple SQL-injection issues - an HTML-injection issue - a session-fixation issue Vulnerability Impact: Attackers can exploit these issues to bypass certain security restrictions, obtain sensitive information, perform unauthorized actions, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks may also be possible. Affected Software/OS: Moodle versions 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8. Solution: Updates are available. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1619 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://www.vupen.com/english/advisories/2010/1107 Common Vulnerability Exposure (CVE) ID: CVE-2010-1618 Common Vulnerability Exposure (CVE) ID: CVE-2010-1617 Common Vulnerability Exposure (CVE) ID: CVE-2010-1616 http://tracker.moodle.org/browse/MDL-16658 Common Vulnerability Exposure (CVE) ID: CVE-2010-1615 Common Vulnerability Exposure (CVE) ID: CVE-2010-1614 Common Vulnerability Exposure (CVE) ID: CVE-2010-1613
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.