VYPR

Xfsection Module

by XOOPS

CVEs (2)

  • CVE-2007-3222Jun 14, 2007
    risk 0.04cvss epss 0.07

    PHP remote file inclusion vulnerability in modify.php in the XFsection 1.07 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the dir_module parameter.

  • CVE-2007-1974Apr 12, 2007
    risk 0.03cvss epss 0.06

    SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute…