Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops xoops vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-2571
SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the c parameter in a cat action.
Xoops Wfquotes Module
1 EDB exploit
755
VMScore
CVE-2008-7178
Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.
Xoops Uploader 1.1
1 EDB exploit
755
VMScore
CVE-2008-0874
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a view action.
Xoops Eempregos Module
1 EDB exploit
755
VMScore
CVE-2007-1807
SQL injection vulnerability in modules/myalbum/viewcat.php in the myAlbum-P 2.0 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Peak Xoops Myalbum P
1 EDB exploit
685
VMScore
CVE-2008-0138
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
Xoops Xoopsgallery Module 1.3.3 9
1 EDB exploit
755
VMScore
CVE-2014-3935
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote malicious users to execute arbitrary SQL commands via the lettre parameter.
Xoops Glossaire Module 1.0
1 EDB exploit
383
VMScore
CVE-2008-1063
Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote malicious users to inject arbitrary web script or HTML via the sortby parameter.
Xoops Xm-memberstats 2.0
685
VMScore
CVE-2007-3057
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Xoops Icontent Module 4.5
1 EDB exploit
755
VMScore
CVE-2007-5978
SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Xoops Mylinks Module 2.0.17.1
1 EDB exploit
755
VMScore
CVE-2008-1351
SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
Xoops Tutoriais Module 2.1b
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »