Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xoops vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0216
userinfo.php in XOOPS 1.0 RC1 allows remote malicious users to obtain sensitive information via a SQL injection attack in the "uid" parameter.
Xoops Xoops 1.0 Rc1
NA
CVE-2002-0217
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote malicious users to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.
Xoops Xoops 1.0 Rc1
NA
CVE-2009-4582
SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Xoops Xoops Dictionary 2.0.18
1 EDB exploit
NA
CVE-2005-0910
Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote malicious users to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php.
E-xoops E-xoops
NA
CVE-2005-0911
Multiple SQL injection vulnerabilities in exoops may allow remote malicious users to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.
E-xoops E-xoops
NA
CVE-2007-2738
SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the sid parameter in an ImprDef action.
Xoops Xoops Glossaire Module
1 EDB exploit
NA
CVE-2006-0198
Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote malicious users to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment.
Xoops Xoops Pool Module
1 EDB exploit
NA
CVE-2008-2035
Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and previous versions, (2) BmSurvey 0.84 and previous versions, (3) newbb_fileup 1.83 and previous versions, (4) News_embed (news_fileup) 1.44 and previous versions, and (5) PopnupBlog 3.19 and previ...
Xoops Xoops Cube 2.1
Bluemoon Backpack
Bluemoon News Fileup
Bluemoon Popnupblog
Bluemoon Bmsurvey
Bluemoon Newbb Fileup
Xoops Xoops 2.0
NA
CVE-2006-3363
PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows remote malicious users to execute arbitrary PHP code via a URL in the pa parameter.
Xoops Xoops Glossaire Module 1.7
1 EDB exploit
NA
CVE-2007-1976
PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and previous versions module for Xoops allows remote malicious users to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third ...
Xoops Xoops Virii Info Module
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »