CVE-2007-2107 Information

Description

SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter a different vector than CVE-2007-1960. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://osvdb.org/37412 http://www.vupen.com/english/advisories/2007/1266