Xoops: >> Xoops Glossaire Module Security Vulnerabilities
SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the sid parameter in an ImprDef action.
CVSS Score
7.5
EPSS Score
0.003
Published
2007-05-17
PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the pa parameter.
CVSS Score
5.1
EPSS Score
0.02
Published
2006-07-06