Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops xoops vulnerabilities and exploits
(subscribe to this query)
765
VMScore
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
760
VMScore
CVE-2008-2094
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Article Module
2 EDB exploits
755
VMScore
CVE-2007-2571
SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the c parameter in a cat action.
Xoops Wfquotes Module
1 EDB exploit
755
VMScore
CVE-2007-1814
SQL injection vulnerability in viewcat.php in the Core module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-0377.
Xoops Core Module
1 EDB exploit
755
VMScore
CVE-2007-1815
SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Library Module
1 EDB exploit
755
VMScore
CVE-2007-1816
SQL injection vulnerability in viewcat.php in the Tutoriais module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Tutoriais Module
1 EDB exploit
755
VMScore
CVE-2008-7178
Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.
Xoops Uploader 1.1
1 EDB exploit
755
VMScore
CVE-2008-4653
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
Xoops Makale 0.26
1 EDB exploit
755
VMScore
CVE-2007-1838
SQL injection vulnerability in view.php in the Friendfinder 3.3 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Friendfinder Module
1 EDB exploit
755
VMScore
CVE-2007-1847
SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Repository Module
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »