e-xoops e-xoops 1.05 vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote malicious users to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections...

E-xoops E-xoops 1.05 Rev1 E-xoops E-xoops 1.05 Rev3 E-xoops E-xoops 1.05 Rev2 E-xoops E-xoops 1.08

7 EDB exploits

4.3

CVSSv2

Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and previous versions, and DevTracker module 0.20 for E-XooPS 1.0.8 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) di...

E-xoops E-xoops E-xoops E-xoops 1.05 Bcoos Devtracker 0.20 Bcoos Devtracker 3.0 Bcoos Bcoos Bcoos Bcoos 1.0.11 Bcoos Bcoos 1.0.10 Bcoos Bcoos 1.0.9 Bcoos Bcoos 1.0.12 Bcoos Bcoos 1.0.13

1 EDB exploit

5

CVSSv2

Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote malicious users to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a P...

Runcms Runcms 1.1a E-xoops E-xoops 1.05 Rev3 Ciamos Ciamos 0.9.2 Rc1

5

CVSSv2

highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote malicious users to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database co...

Runcms Runcms 1.1a E-xoops E-xoops 1.05r3 Ciamos Ciamos 0.9.2 Rc1

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook