CVE-2014-3935 Information

Description

SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter.

Reference

http://packetstormsecurity.com/files/126701 http://www.securityfocus.com/bid/67460