CVE-2005-2113
XOOPS <= 2.0.11 is affected by an SQL injection in the XMLRPC loginUser function that lets remote attackers execute arbitrary SQL and bypass authentication via crafted XML (e.g., blogger.getPost). The issue is documented as CVE-2005-2113; severity is HIGH (CVSS v2: AV:N/AC:L/Au:N/C:P/I:P/A:P)....