SQL injection - penetration test

SQL injection - penetration test

by Manar Alseddiqi -
Number of replies: 2
We had an external penetration test, and below are the findings on Moodle:


Results Under a specific environment SQL injection was executed.

Description When specific SQL requests were made, it reflected undefined response.


The userid parameter appears to be vulnerable to SQL injection attacks. The payloads 62586018' or 1623=1623-- and 

61015647' or 9130=9135-- were each submitted in the userid parameter. These two requests resulted in different responses, 

indicating that the input is being incorporated into a SQL query in an unsafe way. 


Could you please advice me on how to address this issue?




Average of ratings: -
In reply to Manar Alseddiqi

Re: SQL injection - penetration test

by Michael Hawkins -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Testers
Hi there,

It would be great if you could submit your findings via our Security Submission form, which will allow you to provide full details and we can then investigate further. Please do not post findings in this public forum if you think you have identified a vulnerability (even if the details are incomplete). See the Security Procedures and Responsible Disclosure Policy document for more information.

This sounds like it could be a false positive, but would still be worth sending through the proper form so we can verify.

Thanks!
Average of ratings: -
In reply to Michael Hawkins

Re: SQL injection - penetration test

by Manar Alseddiqi -
Thank you for your guidance, i will use the shared form and will delete this post.

Much appreciated
Average of ratings: -