CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1065

Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/29107
http://www.securityfocus.com/bid/27979
http://www.xssing.com/index.php?x=3&y=12
http://secunia.com/advisories/29107
http://www.securityfocus.com/bid/27979
http://www.xssing.com/index.php?x=3&y=12

Products affected by CVE-2008-1065

Xoops » Xm Memberstats » Version: 2.0e

cpe:2.3:a:xoops:xm_memberstats:2.0e

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1065

Products

Pricing

Contact Us