[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [school-discuss] Fwd: Moodle <=1.6dev blind SQL Injection

There is an immediate fix and a draft patch posted on moodle.org at
http://moodle.org/mod/forum/discuss.php?d=34185 , together with a heated
discussion on the merits, or otherwise, of publishing security issues in
open source software.

Michael Shigorin wrote:
> ----- Forwarded message from retrogod/aliceposta.it -----
> Date: 10 Nov 2005 20:25:51 -0000
> From: retrogod/aliceposta.it
> To: bugtraq/securityfocus.com
> Subject: Moodle <=1.6dev blind SQL Injection