Moodle 'install.php' Cross Site Scripting Vulnerability

Bugtraq ID: 27259
Class: Input Validation Error
CVE: CVE-2008-0123
Remote: Yes
Local: No
Published: Jan 12 2008 12:00AM
Updated: Feb 08 2008 07:06PM
Credit: Hanno Bock is credited with the discovery of this vulnerability.
Vulnerable: SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise SDK 10 SP1
SuSE Suse Linux Enterprise Desktop 10 SP1
SuSE Linux Enterprise Server 9
SuSE Linux Enterprise Server 10.SP1
SuSE Linux Desktop 1.0
SuSE Linux 10.1 x86-64
SuSE Linux 10.1 x86
SuSE Linux 10.1 ppc
SuSE Linux 10.0 x86-64
SuSE Linux 10.0 x86
SuSE Linux 10.0 ppc
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9
Moodle moodle 1.8.3
Moodle moodle 1.7.1
Moodle moodle 1.6.2
Moodle moodle 1.6.1
Moodle moodle 1.6 dev
Moodle moodle 1.5.2
Moodle moodle 1.5.1
Moodle moodle 1.5
Moodle moodle 1.4.3
Moodle moodle 1.4.2
Moodle moodle 1.4.1
Moodle moodle 1.3.4
Moodle moodle 1.3.3
Moodle moodle 1.3.2
Moodle moodle 1.3.1
Moodle moodle 1.3
Moodle moodle 1.2.1
Moodle moodle 1.2
Moodle moodle 1.1.1
Moodle moodle 1.6.1 +
Moodle moodle 1.18.2.3
Moodle moodle 1.18.2.2
BEA Systems Weblogic Proxy Plugin 1.5.3 +
BEA Systems Weblogic Proxy Plugin 1.5.3
Not Vulnerable: Moodle moodle 1.8.4


 

Privacy Statement
Copyright 2010, SecurityFocus