Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
NA
CVE-2007-1814
SQL injection vulnerability in viewcat.php in the Core module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-0377.
Xoops Core Module
1 EDB exploit
NA
CVE-2007-1815
SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Library Module
1 EDB exploit
NA
CVE-2007-1816
SQL injection vulnerability in viewcat.php in the Tutoriais module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Tutoriais Module
1 EDB exploit
NA
CVE-2007-1838
SQL injection vulnerability in view.php in the Friendfinder 3.3 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Friendfinder Module
1 EDB exploit
NA
CVE-2007-1962
SQL injection vulnerability in index.php in the WF-Snippets 1.02 and previous versions module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the c parameter in a cat action.
Xoops Wf-snippets
1 EDB exploit
NA
CVE-2008-7178
Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.
Xoops Uploader 1.1
1 EDB exploit
NA
CVE-2007-3311
SQL injection vulnerability in print.php in the Articles 1.02 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Articles Module
2 EDB exploits
NA
CVE-2008-2094
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Article Module
2 EDB exploits
NA
CVE-2007-1847
SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Xoops Repository Module
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »