Sql injection

2007-04-1110:19:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

38.9%

JSON

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.

CPENameOperatorVersion
rha7_downloads_moduleeq1.10
rha7_downloads_moduleeq1.0

CPE	Name	Operator	Version
	rha7_downloads_module	eq	1.10
	rha7_downloads_module	eq	1.0

References

osvdb.org/34460

secunia.com/advisories/24790

www.securityfocus.com/bid/23320

www.exploit-db.com/exploits/3666