2 matches found
XOOPS Module Friendfinder SQL Injection (CVE-2007-1838)
An SQL injection vulnerability has been reported in Xoops Friendfinder Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2007-1838
CVE-2007-1838 describes an SQL injection in the Friendfinder module for XOOPS (version 3.3 and earlier) . The vulnerability affects the view.php component, where an attacker can manipulate the id parameter to execute arbitrary SQL commands on the back-end database. The provided documents confirm ...