SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and previous versions module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops john mordo jobs module |