Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0936


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0936
Last Modified 05 Sep 2008 05:36:23
Published 25 Feb 2008 01:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.

Vulnerable Systems


  • Xoops Prayer List Module 1.04


BID - 27934

SECUNIA - 29063

BUGTRAQ - 20080221 XOOPS Module prayerlist SQL Injection(cid)

Last Updated: 27 May 2016 10:46:58