CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-1960

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/34460
http://secunia.com/advisories/24790
http://www.securityfocus.com/bid/23320
https://www.exploit-db.com/exploits/3666
http://osvdb.org/34460
http://secunia.com/advisories/24790
http://www.securityfocus.com/bid/23320
https://www.exploit-db.com/exploits/3666

Products affected by CVE-2007-1960

Xoops » Rha7 Downloads Module » Version: 1.0

cpe:2.3:a:xoops:rha7_downloads_module:1.0
Xoops » Rha7 Downloads Module » Version: 1.10

cpe:2.3:a:xoops:rha7_downloads_module:1.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1960

Products

Pricing

Contact Us