Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-1846
SQL injection vulnerability in index.php in the MyAds 2.04jp and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter, different vectors than CVE-2006-3341.
Xoops Malaika System Myads Module
1 EDB exploit
685
VMScore
CVE-2007-3220
PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content 3 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this may be a duplicate of CVE-2006-4656.
Xoops Cjay Content Module 3
1 EDB exploit
755
VMScore
CVE-2008-0936
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a view action.
Xoops Prayer List Module 1.04
1 EDB exploit
435
VMScore
CVE-2009-4713
Multiple cross-site scripting (XSS) vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote malicious users to inject arbitrary web script or HTML via (1) the cod_categoria parameter to categoria.php, (2) the opcao parameter to index.php, and the PATH_INFO to ...
Alexandre Amaral Xoops Celepar 1.0.1
1 EDB exploit
435
VMScore
CVE-2009-4714
Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php.
Alexandre Amaral Xoops Celepar 1.0.1
1 EDB exploit
755
VMScore
CVE-2007-2370
SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and previous versions module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings.
Xoops John Mordo Jobs Module
1 EDB exploit
668
VMScore
CVE-2007-5115
Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre Contenido 42VariablVersion (42VV10) in contenido_hacks in Mods 4 Xoops Contenido eZ publish (pdf4cms) allow remote malicious users to execute arbitrary PHP code via a URL in the cfgPathInc parameter to (1) main_upl...
Ekke Doerre Mods 4 Xoops Contenido Ez Publish
685
VMScore
CVE-2008-0937
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
Tinyevent Tinyevent 1.01
Xoops Tiny Event Module 1.01
1 EDB exploit
765
VMScore
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
755
VMScore
CVE-2008-5768
SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Sirium Am Events Module 0.22
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »