Description
SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Admin Menu Tree Page View Multiple Vulnerabilities (2.6.9)
WordPress Plugin Social Media Widget by Acurax Cross-Site Request Forgery (3.2.5)
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825)
WordPress Plugin YITH Color and Label Variations for WooCommerce Security Bypass (1.8.11)