Moodle 'install.php' Cross Site Scripting Vulnerability

Bugtraq ID: 27259
Class: Input Validation Error
CVE: CVE-2008-0123
Remote: Yes
Local: No
Published: Jan 12 2008 12:00AM
Updated: Feb 08 2008 07:06PM
Credit: Hanno Bock is credited with the discovery of this vulnerability.
Vulnerable: SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise SDK 10 SP1
SuSE SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
Moodle moodle 1.8.3
Moodle moodle 1.7.1
Moodle moodle 1.6.2
Moodle moodle 1.6.1
Moodle moodle 1.6 dev
Moodle moodle 1.5.2
Moodle moodle 1.5.1
Moodle moodle 1.5
Moodle moodle 1.4.3
Moodle moodle 1.4.2
Moodle moodle 1.4.1
Moodle moodle 1.3.4
Moodle moodle 1.3.3
Moodle moodle 1.3.2
Moodle moodle 1.3.1
Moodle moodle 1.3
Moodle moodle 1.2.1
Moodle moodle 1.2
Moodle moodle 1.1.1
Moodle moodle 1.6.1 +
Moodle moodle 1.18.2.3
Moodle moodle 1.18.2.2
BEA Systems Weblogic Proxy Plugin 1.5.3 +
BEA Systems Weblogic Proxy Plugin 1.5.3
Not Vulnerable: Moodle moodle 1.8.4


 

Privacy Statement
Copyright 2010, SecurityFocus