{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T06:44:03.400","vulnerabilities":[{"cve":{"id":"CVE-2007-1960","sourceIdentifier":"cve@mitre.org","published":"2007-04-11T10:19:00.000","lastModified":"2026-06-16T22:38:38.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en el archivo visit.php en el módulo Rha7 Downloads (rha7downloads) versión 1.0 para XOOPS, y posiblemente otras versiones hasta 1.10, permite a atacantes remotos  ejecutar comandos SQL arbitrarios por medio del parámetro lid."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xoops:rha7_downloads_module:1.0:*:*:*:*:*:*:*","matchCriteriaId":"79ACCCF9-733A-4CE7-A588-C09BB54421B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:xoops:rha7_downloads_module:1.10:*:*:*:*:*:*:*","matchCriteriaId":"CB8F8C65-E879-4EDC-9D97-7B51EF8CC65C"}]}]}],"references":[{"url":"http://osvdb.org/34460","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/24790","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/23320","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.exploit-db.com/exploits/3666","source":"cve@mitre.org"},{"url":"http://osvdb.org/34460","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/24790","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/23320","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.exploit-db.com/exploits/3666","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}