CVE-2009-4305 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-4305 Interim 1 5 2023-12-09T02:00:35Z current 2021-05-30T12:49:32Z 2023-12-09T02:00:35Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-4305 SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KMSGWTGNMZ6OBF4PSADAZBORDOW6FLX6/#KMSGWTGNMZ6OBF4PSADAZBORDOW6FLX6 E-Mail link for SUSE-SR:2010:004 https://www.suse.com/support/security/rating/ SUSE Security Ratings SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)." CVE-2009-4305 moderate 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P