Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops xoops vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-16684
An issue exists in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes.
Xoops Xoops 2.5.10
383
VMScore
CVE-2002-2386
Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote malicious users to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute of an IMG tag.
Xoops Xoops 1.0 Rc3
383
VMScore
CVE-2005-0910
Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote malicious users to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php.
E-xoops E-xoops
668
VMScore
CVE-2005-0911
Multiple SQL injection vulnerabilities in exoops may allow remote malicious users to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.
E-xoops E-xoops
755
VMScore
CVE-2007-2738
SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the sid parameter in an ImprDef action.
Xoops Xoops Glossaire Module
1 EDB exploit
435
VMScore
CVE-2006-0198
Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote malicious users to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment.
Xoops Xoops Pool Module
1 EDB exploit
755
VMScore
CVE-2009-4582
SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Xoops Dictionary 2.0.18
1 EDB exploit
383
VMScore
CVE-2008-2035
Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and previous versions, (2) BmSurvey 0.84 and previous versions, (3) newbb_fileup 1.83 and previous versions, (4) News_embed (news_fileup) 1.44 and previous versions, and (5) PopnupBlog 3.19 and previ...
Xoops Xoops Cube 2.1
Bluemoon Backpack
Bluemoon News Fileup
Bluemoon Popnupblog
Bluemoon Bmsurvey
Bluemoon Newbb Fileup
Xoops Xoops 2.0
515
VMScore
CVE-2006-3363
PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows remote malicious users to execute arbitrary PHP code via a URL in the pa parameter.
Xoops Xoops Glossaire Module 1.7
1 EDB exploit
668
VMScore
CVE-2007-1976
PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and previous versions module for Xoops allows remote malicious users to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third ...
Xoops Xoops Virii Info Module
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »