2 matches found
CVE-2017-11174
CVE-2017-11174 is a SQL injection vulnerability affecting XOOPS Core 2.5.8.1, in the file install/page_dbsettings.php. The issue arises from unfiltered data being passed to CREATE and ALTER SQL queries, with a specific relation to GBK in CHARACTER SET and COLLATE clauses. The vulnerability allows...
CVE-2017-11174
In install/pagedbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses...