Vulnerability Description
SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xoops | Tutoriais Module | 2.1b |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29358Vendor Advisory
- http://www.securityfocus.com/bid/28230
- https://www.exploit-db.com/exploits/5245
- http://secunia.com/advisories/29358Vendor Advisory
- http://www.securityfocus.com/bid/28230
- https://www.exploit-db.com/exploits/5245
FAQ
What is CVE-2008-1351?
CVE-2008-1351 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or thr...
How severe is CVE-2008-1351?
CVE-2008-1351 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1351?
Check the references section above for vendor advisories and patch information. Affected products include: Xoops Tutoriais Module.