VULHUB ™

A vulnerability exists in the WebChat module included with Xoops. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in the 'index.php' script. It is possible to modify the logic of SQL queries through malformed query strings in requests for the vulnerable script. By injecting SQL code into variables, it may be possible for an attacker to corrupt database information.

A vulnerability exists in the WebChat module included with Xoops. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in the 'index.php' script. It is possible to modify the logic of SQL queries through malformed query strings in requests for the vulnerable script. By injecting SQL code into variables, it may be possible for an attacker to corrupt database information.