First published: Mon Feb 25 2008(Updated: )
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tinyevent Tinyevent | =1.01 | |
Xoops Tiny Event Module | =1.01 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.