CVE-2007-1960

2007-04-1110:00:00

mitre

www.cve.org

AI Score

8.3

Confidence

Low

EPSS

0.001

Percentile

41.1%

JSON

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.

References

osvdb.org/34460

secunia.com/advisories/24790

www.securityfocus.com/bid/23320

www.exploit-db.com/exploits/3666