CVE-2008-0874

Name of the Vulnerable Software and Affected Versions eEmpregos module for XOOPS (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the cid parameter in a 'view' action within the index.php file of the eEmpregos module.

Recommendations For the eEmpregos module, consider restricting access to the cid parameter in the index.php file until a patch is available. As a temporary workaround, avoid using the cid parameter in the 'view' action to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.