Skip to main content
Loading…
    CVE-2006-4417 — SQL injection vulnerability in edituser.php in Xoops before 2.0.15 allows remote attackers to execute arbitrary SQL commands via the user_avatar parameter. — CVE Database · The Intelligence Room