Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-4653
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
Xoops Makale 0.26
1 EDB exploit
7.5
CVSSv2
CVE-2007-2571
SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the c parameter in a cat action.
Xoops Wfquotes Module
1 EDB exploit
7.5
CVSSv2
CVE-2008-2094
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Article Module
2 EDB exploits
6.8
CVSSv2
CVE-2007-3221
PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the XT-Conteudo module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Xoops Xt-conteudo Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-3289
PHP remote file inclusion vulnerability in spaw/spaw_control.class.php in the WiwiMod 0.4 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Xoops Wiwimod Module 0.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-1351
SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
Xoops Tutoriais Module 2.1b
1 EDB exploit
6.8
CVSSv2
CVE-2008-0138
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
Xoops Xoopsgallery Module 1.3.3 9
1 EDB exploit
7.5
CVSSv2
CVE-2005-3681
SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote malicious users to execute arbitrary SQL commands via the list parameter.
Xoops Wf-downloads 2.05
1 EDB exploit
7.5
CVSSv2
CVE-2007-3222
PHP remote file inclusion vulnerability in modify.php in the XFsection 1.07 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the dir_module parameter.
Xoops Xfsection Module 1.07
1 EDB exploit
4.3
CVSSv2
CVE-2008-3560
Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Xoops Kshop Module 2.22
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »