SQL Injection Vulnerability in WebChat 1.5 (XOOPS 1.0) - Remote Code Execution via roomid Parameter

CVE-2002-2391 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter.

Learn more about our Web App Pen Testing.