Description

SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.

Remediation

References

CVE-2008-5665

Related Vulnerabilities

WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)

WordPress Plugin WP Login Security and History Cross-Site Request Forgery (1.0)

WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17)

WordPress Plugin Add-on SweetAlert Contact Form 7 Unspecified Vulnerability (1.0.7)

WordPress Cross-Site Scripting Vulnerability (3.0 - 3.6.1)

Severity

High

Classification

CVE-2008-5665 CWE-138

Tags

Missing Update Known Vulnerabilities