Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bcoos bcoos vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2008-6381
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
Bcoos Bcoos 1.0.11
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.9
Bcoos Bcoos
Bcoos Bcoos 1.0.12
1 EDB exploit
5
CVSSv2
CVE-2008-2350
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 up to and including 1.0.13 allows remote malicious users to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
Bcoos Bcoos 1.0.9
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.11
1 EDB exploit
4.3
CVSSv2
CVE-2008-7036
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and previous versions, and DevTracker module 0.20 for E-XooPS 1.0.8 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) di...
E-xoops E-xoops
E-xoops E-xoops 1.05
Bcoos Devtracker 0.20
Bcoos Devtracker 3.0
Bcoos Bcoos
Bcoos Bcoos 1.0.11
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.9
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
1 EDB exploit
4.3
CVSSv2
CVE-2007-6274
Multiple cross-site scripting (XSS) vulnerabilities in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) day or (2) year parameter.
Bcoos Bcoos
7.5
CVSSv2
CVE-2007-6275
SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266.
Bcoos Bcoos
1 EDB exploit
7.5
CVSSv2
CVE-2007-5104
SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote malicious users to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Bcoos Bcoos 1.0.10
6.8
CVSSv2
CVE-2007-6079
Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the xoopsOption[pagetype] parameter to the default URI for modules/news/. NOTE: this can be leveraged by using ...
Bcoos Bcoos 1.0.10
1 EDB exploit
7.5
CVSSv2
CVE-2007-6080
SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote malicious users to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected.
Bcoos Bcoos 1.0.10
2 EDB exploits
7.5
CVSSv2
CVE-2007-6266
Multiple SQL injection vulnerabilities in bcoos 1.0.10 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (...
Bcoos Bcoos 1.0.10
2 EDB exploits
4.3
CVSSv2
CVE-2007-6365
Cross-site scripting (XSS) vulnerability in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 allows remote malicious users to inject arbitrary web script or HTML via the month parameter. NOTE: the provenance of this information is unknown; the details are obtained s...
Bcoos Event Calendar 1.0.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started