Affected configuration(s):
cpe:/a:xoops:glossaire_module:1.0::~~~xoops~~
Date published: 2014-06-02T10:55:04.107-04:00
Date last modified: 2014-06-03T07:08:59.573-04:00
CVSS Score: 7.5
Principal attack vector: NETWORK
Complexity: LOW
Reference URL: http://packetstormsecurity.com/files/126701
Summary: SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter.