Application: Xoops XM-Memberstats Module
Affected Version: 2.0e and other versions.
Vendor’s URL: http://www.xoopsmalaysia.org
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitized.
