CVE-2008-0936

Xoops Prayer List Module - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.

Exploits (1)

exploitdb WORKING POC VERIFIED
by S@BUN · textwebappsphp
https://www.exploit-db.com/exploits/31284

References (3)

Scores

EPSS 0.0027
EPSS Percentile 49.7%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

xoops/prayer_list_module

Timeline

Published Feb 25, 2008
Tracked Since Feb 18, 2026