XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5665)

Description

SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.

Remediation

References

CVE-2008-5665

Related Vulnerabilities

Drupal Core 9.0.x Cross-Site Request Forgery (9.0.0 - 9.0.14)

Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.5)

Oracle Application Server CVE-2007-5520 Vulnerability (CVE-2007-5520)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3727)

WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1)

Severity

High

Classification

CVE-2008-5665 CWE-138

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities