CVE-2007-1960

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xoops:rha7_downloads_module:1.0:*:*:*:*:*:*:*
cpe:2.3:a:xoops:rha7_downloads_module:1.10:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-04-11 10:19

Updated : 2024-02-28 11:01


NVD link : CVE-2007-1960

Mitre link : CVE-2007-1960

CVE.ORG link : CVE-2007-1960


JSON object : View

Products Affected

xoops

  • rha7_downloads_module
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')