CVE-2007-2373

WF-Links <1.03 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1.03 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by ajann · pythonwebappsphp
https://www.exploit-db.com/exploits/3670

References (6)

Scores

EPSS 0.0149
EPSS Percentile 80.8%

Classification

Status draft

Affected Products (1)

wf-links/wf-links < 1.03

Timeline

Published Apr 30, 2007
Tracked Since Feb 18, 2026