Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-xoops e-xoops vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-6380
Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote malicious users to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections...
E-xoops E-xoops 1.05 Rev1
E-xoops E-xoops 1.05 Rev3
E-xoops E-xoops 1.05 Rev2
E-xoops E-xoops 1.08
7 EDB exploits
4.3
CVSSv2
CVE-2005-0910
Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote malicious users to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php.
E-xoops E-xoops
7.5
CVSSv2
CVE-2005-0911
Multiple SQL injection vulnerabilities in exoops may allow remote malicious users to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.
E-xoops E-xoops
5
CVSSv2
CVE-2005-0827
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote malicious users to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a P...
Runcms Runcms 1.1a
E-xoops E-xoops 1.05 Rev3
Ciamos Ciamos 0.9.2 Rc1
5
CVSSv2
CVE-2005-0828
highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote malicious users to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database co...
Runcms Runcms 1.1a
E-xoops E-xoops 1.05r3
Ciamos Ciamos 0.9.2 Rc1
1 EDB exploit
5
CVSSv2
CVE-2005-1031
RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), when "Allow custom avatar upload" is enabled, does not properly verify uploaded files, which allows remote malicious users to upload arbitrary files.
E-xoops E-xoops 1.05r3
Runcms Runcms 1.1
Runcms Runcms 1.1a
4.3
CVSSv2
CVE-2008-7036
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and previous versions, and DevTracker module 0.20 for E-XooPS 1.0.8 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) di...
E-xoops E-xoops
E-xoops E-xoops 1.05
Bcoos Devtracker 0.20
Bcoos Devtracker 3.0
Bcoos Bcoos
Bcoos Bcoos 1.0.11
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.9
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
1 EDB exploit
7.5
CVSSv2
CVE-2003-0491
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote malicious users to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.
Mytutorials Tutorials 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started