Description

Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other unspecified vectors.

Remediation

References

CVE-2007-0377

Related Vulnerabilities

Magento CVE-2020-9585 Vulnerability (CVE-2020-9585)

WordPress Plugin Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery Cross-Site Scripting (2.2.0)

MySQL CVE-2013-5793 Vulnerability (CVE-2013-5793)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2326)

MySQL CVE-2013-1531 Vulnerability (CVE-2013-1531)

Severity

High

Classification

CVE-2007-0377

Tags

Missing Update Known Vulnerabilities