RSA enVision Multiple Security Vulnerabilities
Moodle is prone to multiple security vulnerabilities, including:
1. Multiple unspecified cross-site scripting vulnerabilities. (CVE-2012-0399)
2. An authentication-bypass vulnerability. (CVE-2012-0400)
3. Multiple unspecified SQL-injection vulnerabilities. (CVE-2012-0401)
4. An authentication-bypass vulnerability. (CVE-2012-0402)
5. An unspecified directory-traversal vulnerability. (CVE-2012-0403)
Attackers can exploit these issues to bypass certain security restrictions, insert malicious HTML and script codes, obtain sensitive information, compromise a denial of service attack, and modify data in the underlying database.