CVE-2008-0937 Information

Description

SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action a different vector than CVE-2007-1811.

Reference

http://marc.info/?l=bugtraq&m=120361694407815&w=2 http://secunia.com/advisories/29073 http://www.securityfocus.com/bid/27931