Description

SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter.

Remediation

References

CVE-2002-2391

Related Vulnerabilities

Jenkins Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-47803)

PHP NULL Pointer Dereference Vulnerability (CVE-2017-9229)

WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.0)

YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2829)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0815)

Severity

High

Classification

CVE-2002-2391 CWE-138

Tags

Missing Update Known Vulnerabilities