by vicarius
log in join community
by @secatgourity
03 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Understanding and cryptic SQLi in Moodle (CVE-2022-0332)

by @secatgourity
by @secatgourity
03 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Understanding and cryptic SQLi in Moodle (CVE-2022-0332)

CVEs

CVE-2022-0332
9.8 Critical Severity

Screenshots from the blog posts

images/cly48z82lwd1e1joi4ufhe75r.pngimages/cly48z82lwd1e1joi4ufhe75r.png

Summary

In this post, we aim to understand an SQLi exploit for Moodle and demystify some of the unknowns that the public exploit sources leave out. That makes the currently discussed exploit more viable and feasible to be used during your next pentest engagements.

Script link

Moodle 3.11.4 - SQL Injection

Moodle 3.11.4 - SQL Injection. CVE-2022-0332 . webapps exploit for PHP platform

image

Description

Tags

#opensource#SQLi#php#sql_injection#moodle#learning-management-solution#authenticated

@secatgourity

190 posts

Total vcoins

0

Social media links

Comments (0)