2 matches found
XOOPS Module Glossarie Remote SQL Injection (CVE-2007-2738)
An SQL injection vulnerability has been reported in Xoops Glossaire Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2007-2738
The CVE-2007-2738 entry corresponds to a SQL injection vulnerability in the Glossaire module for XOOPS (version 1.7 and earlier). The flaw resides in glossaire-p-f.php, where the sid parameter used in an ImprDef action is not properly sanitized, allowing remote attackers to execute arbitrary SQL ...