by alltheprettyhorses on Tue Nov 23, 2010 10:14 pm
([msg=49350]see Re: Moodle 1.9.1 SQL injection attacks[/msg])
Hmmm, I currently work for a local computer company that offers a website penetration test service. When I first joined, Moodle used to be considered a bit of a joke; all the guys (and one female, who to be honest looked like a guy) who worked within pen-testing just saw it as easy money, to be honest. The particular vulnerability was due to unsanitised input within SQL queries, if I remember correctly. However, I have never been required to work with Moodle myself, so naturally my input on recent versions is severely limited and you should pay close attention to anyone who posts regarding more recent experience.
Remember, the vulnerability I mentioned was in older versions of Moodle and (as I have already stated) I personally haven't had to deal with a single instance of Moodle being used since I arrived... I can, however, ask those in the know what the particular vulnerability was (remember this will only apply to older versions unless people have dealt with it recently) if you have a serious interest in the subject... (please don't make me do this, it requires emailing the most arrogant computer experts on the planet.)
Alternatively, you could just search it yourself; I'm certain someone will have published some info somewhere for those willing to turn to the omnipotent deity known to us mere mortals as Google.
P.S. Please forgive my spelling and grammar (even though I have proof-read this twice); I have no doubt they are appalling due to the vast amount of wine I have consumed... 'Twas a glorious night.
"So this is how liberty dies; With thunderous applause..."