Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
7.5
CVSSv2
CVE-2008-2094
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Article Module
2 EDB exploits
7.5
CVSSv2
CVE-2008-4653
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
Xoops Makale 0.26
1 EDB exploit
7.5
CVSSv2
CVE-2008-7178
Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.
Xoops Uploader 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1815
SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Library Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-1838
SQL injection vulnerability in view.php in the Friendfinder 3.3 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Friendfinder Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-1847
SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Repository Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-2571
SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the c parameter in a cat action.
Xoops Wfquotes Module
1 EDB exploit
7.5
CVSSv2
CVE-2008-0874
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a view action.
Xoops Eempregos Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-3311
SQL injection vulnerability in print.php in the Articles 1.02 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Articles Module
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »