Описание
Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other unspecified vectors.
Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-0377
- http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
- http://osvdb.org/33684
- http://osvdb.org/33685
- http://www.hackers.ir/advisories/festival.txt
- http://www.securityfocus.com/archive/1/459150/100/0/threaded
- http://www.securityfocus.com/bid/22399
EPSS
CVE ID
Связанные уязвимости
Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other unspecified vectors.
EPSS