SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tinyevent tinyevent 1.01 |
||
xoops tiny event module 1.01 |