Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
7.5
CVSSv2
CVE-2008-2094
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Article Module
2 EDB exploits
7.5
CVSSv2
CVE-2008-7178
Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.
Xoops Uploader 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1838
SQL injection vulnerability in view.php in the Friendfinder 3.3 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Friendfinder Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-1847
SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Repository Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-3311
SQL injection vulnerability in print.php in the Articles 1.02 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Articles Module
2 EDB exploits
7.5
CVSSv2
CVE-2007-1814
SQL injection vulnerability in viewcat.php in the Core module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-0377.
Xoops Core Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-1815
SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Library Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-1816
SQL injection vulnerability in viewcat.php in the Tutoriais module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Tutoriais Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-1962
SQL injection vulnerability in index.php in the WF-Snippets 1.02 and previous versions module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the c parameter in a cat action.
Xoops Wf-snippets
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »