CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-0937

SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.2%

CVSS Severity

CVSS v2 Score 6.8

References

http://marc.info/?l=bugtraq&m=120361694407815&w=2
http://secunia.com/advisories/29073
http://www.securityfocus.com/bid/27931
http://marc.info/?l=bugtraq&m=120361694407815&w=2
http://secunia.com/advisories/29073
http://www.securityfocus.com/bid/27931

Products affected by CVE-2008-0937

Tinyevent » Tinyevent » Version: 1.01

cpe:2.3:a:tinyevent:tinyevent:1.01
Xoops » Tiny Event Module » Version: 1.01

cpe:2.3:a:xoops:tiny_event_module:1.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-0937

Products

Pricing

Contact Us