Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4359
Cross-site scripting (XSS) vulnerability in folder.php in the SmartMedia 0.85 Beta module for XOOPS allows remote malicious users to inject arbitrary web script or HTML via the categoryid parameter.
Marc-andre Lanciault Smartmedia 0.85
1 EDB exploit
NA
CVE-2009-4360
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Handcoders Content Module 0.5
1 EDB exploit
NA
CVE-2009-3963
Multiple unspecified vulnerabilities in XOOPS prior to 2.4.0 Final have unknown impact and attack vectors.
Xoops Xoops 2.0.13.2
Xoops Xoops 2.0.13.1
Xoops Xoops 2.0.4
Xoops Xoops 2.0.18.1
Xoops Xoops 2.0.18
Xoops Xoops 2.3.2a
Xoops Xoops 2.2.3
Xoops Xoops 2.0.17.1
Xoops Xoops 2.0.11
Xoops Xoops 2.0.12 Jp
Xoops Xoops 2.0.2
Xoops Xoops 2.0.6
Xoops Xoops 2.0.9.3
Xoops Xoops 2.0.9.2
Xoops Xoops 2.0.1
Xoops Xoops 2.0.10
Xoops Xoops 2.0.3
Xoops Xoops 2.0.17 1
Xoops Xoops 2.3.1
Xoops Xoops 2.0.7
Xoops Xoops 2.0.16
Xoops Xoops 2.0.14
NA
CVE-2009-3240
Cross-site scripting (XSS) vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ohwada Xf-section 1.12a
NA
CVE-2008-7178
Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.
Xoops Uploader 1.1
1 EDB exploit
NA
CVE-2008-7036
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and previous versions, and DevTracker module 0.20 for E-XooPS 1.0.8 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) di...
E-xoops E-xoops
E-xoops E-xoops 1.05
Bcoos Devtracker 0.20
Bcoos Devtracker 3.0
Bcoos Bcoos
Bcoos Bcoos 1.0.11
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.9
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
1 EDB exploit
NA
CVE-2008-7038
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorr...
Maxdev My Egallery -
2 EDB exploits
NA
CVE-2009-2783
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) op parameter to modules/pm/viewpmsg.php and (2) query string to modules/profile/user.php.
Xoops Xoops 2.3.3
1 EDB exploit
NA
CVE-2008-6884
Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter to (1) blocks.php and (2) main.php in xoops_lib/modul...
Xoops Xoops 2.3.1
1 EDB exploit
NA
CVE-2008-6885
Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote malicious users to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message.
Xoops Xoops 2.3.1
Xoops Xoops 2.3.2a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »