1 results (0.006 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2

SQL injection vulnerability in index.php in the WebChat 1.60 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. Vulnerabilidad de inyección SQL en index.php del módulo WebChat 1.60 para eXV2 permite a atacantes remotos ejecutar comandos SQL de su elección al utilizar el parámetro roomid. • https://www.exploit-db.com/exploits/5255 http://secunia.com/advisories/29390 http://www.securityfocus.com/bid/28256 https://exchange.xforce.ibmcloud.com/vulnerabilities/41213 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •