Search for vulnerabilities
| Vulnerability ID | VCID-x1xw-7ked-hfgf |
| Aliases |
CVE-2010-1615
GHSA-9xp2-5fr9-7mwm |
| Summary | Moodle vulnerable to SQL injection Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation in some forms elements" related to lib/form/selectgroups.php. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 8.0 |
| Risk | 4.0 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| generic_textual | HIGH | http://cvs.moodle.org/moodle/lib/form/selectgroups.php?r1=1.2.4.2&r2=1.2.4.3 |
| generic_textual | HIGH | http://cvs.moodle.org/moodle/mod/wiki/view.php?r1=1.76.2.6&r2=1.76.2.7 |
| generic_textual | HIGH | http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html |
| generic_textual | HIGH | http://moodle.org/security |
| epss | 0.00436 | https://api.first.org/data/v1/epss?cve=CVE-2010-1615 |
| epss | 0.00436 | https://api.first.org/data/v1/epss?cve=CVE-2010-1615 |
| cvssv3.1_qr | HIGH | https://github.com/advisories/GHSA-9xp2-5fr9-7mwm |
| generic_textual | HIGH | https://github.com/moodle/moodle |
| generic_textual | HIGH | https://nvd.nist.gov/vuln/detail/CVE-2010-1615 |
| Percentile | 0.62061 |
| EPSS Score | 0.00436 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:29:08.105354+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9xp2-5fr9-7mwm/GHSA-9xp2-5fr9-7mwm.json | 36.1.3 |