CVE-2007-1846

Published: Apr 3, 2007Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in index.php in the MyAds 2.04jp and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter, different vectors than CVE-2006-3341.

Affected (1)

Products: Xoops: Malaika System Myads Module

Xoops

1 product

Malaika System Myads Module

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Xoops Malaika System Myads Module	Up to 2.04

References (8)

http://osvdb.org/37372

Source: cve@mitre.org

http://www.securityfocus.com/bid/23212

Source: cve@mitre.org

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/33334

Source: cve@mitre.org

https://www.exploit-db.com/exploits/3603

Source: cve@mitre.org

http://osvdb.org/37372

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/23212

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/33334

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/3603

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.