Vulnerabilities > Xoops > Xoops > 2.5.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-20 | CVE-2014-8999 | SQL Injection vulnerability in Xoops 2.5.6 SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter. | 6.5 |