CVE-2007-1979
N/A
N/A
Summary
SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the postid parameter, possibly involving the get_blogid_from_postid function in class/PopnupBlogUtils.php. NOTE: later versions such as 3.03 and 3.05 might also be affected.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/3655
- http://secunia.com/advisories/24761
- http://www.vupen.com/english/advisories/2007/1206
- http://www.securityfocus.com/bid/23286
References
- https://www.exploit-db.com/exploits/3655
- http://secunia.com/advisories/24761
- http://www.vupen.com/english/advisories/2007/1206
- http://www.securityfocus.com/bid/23286
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.