Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-3560
Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Xoops Kshop Module 2.22
1 EDB exploit
7.5
CVSSv2
CVE-2007-5978
SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Xoops Mylinks Module 2.0.17.1
1 EDB exploit
6.8
CVSSv2
CVE-2007-3057
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Xoops Icontent Module 4.5
1 EDB exploit
7.5
CVSSv2
CVE-2005-3681
SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote malicious users to execute arbitrary SQL commands via the list parameter.
Xoops Wf-downloads 2.05
1 EDB exploit
7.5
CVSSv2
CVE-2007-2543
SQL injection vulnerability in game.php in the Flashgames 1.0.1 module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Xoops Flashgames Module 1.0.1
1 EDB exploit
6.8
CVSSv2
CVE-2007-3221
PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the XT-Conteudo module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Xoops Xt-conteudo Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-3222
PHP remote file inclusion vulnerability in modify.php in the XFsection 1.07 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the dir_module parameter.
Xoops Xfsection Module 1.07
1 EDB exploit
7.5
CVSSv2
CVE-2007-3236
PHP remote file inclusion vulnerability in footer.php in the Horoscope 1.0 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter.
Xoops Horoscope Module 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-3237
PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Xoops Tinycontent Module 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2007-1807
SQL injection vulnerability in modules/myalbum/viewcat.php in the myAlbum-P 2.0 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Peak Xoops Myalbum P
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »