Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0937


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-0937
Last Modified 05 Sep 2008 05:36:23
Published 25 Feb 2008 01:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.

Vulnerable Systems


  • Tinyevent 1.01

  • Xoops Tiny Event Module 1.01


BID - 27931

SECUNIA - 29073

BUGTRAQ - 20080221 XOOPS Module tinyevent-print SQL Injection(id)

Last Updated: 27 May 2016 10:46:58