CVE-2007-6675
CVE-2007-6675 affects XOOPS up to version 2.0.18. The b_system_comments_show function in htdocs/modules/system/blocks/system_blocks.php does not perform a permissions check, allowing remote attackers to read comments in restricted modules. This description is corroborated by multiple sources (NVD...