Home > Vulnerability Database > CVE-2008-6124

Mend.io Vulnerability Database

CVE-2008-6124

Date: October 3, 2022

SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.

Severity Score

4.4

Related Resources (6)

Url: http://cvs.moodle.org/moodle/mod/hotpot/report.php?r1=1.8.6.1&r2=1.8.6.2

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-6124

Url: http://moodle.org/mod/forum/discuss.php?d=101402

Url: http://www.debian.org/security/2008/dsa-1691

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-6124

Url: https://www.mend.io/vulnerability-database/CVE-2008-6124

Severity Score

4.4

Weakness Type (CWE)

SQL Injection

CWE-89

CVSS v3

Base Score:	4.4
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL

CVSS v2

Base Score:	7.3
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2008-6124

Date: October 3, 2022

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3

CVSS v2

Do you need more information?