CVE-2017-7290
XOOPS (eXtensible Object Oriented Portal System) contains a SQL injection vulnerability in findusers.php affecting XOOPS 2.5.7.2 and other versions prior to 2.5.8.1. The flaw allows authenticated remote administrators to execute arbitrary SQL commands via the url parameter to findusers.php, with ...