Vulnerabilities > CVE-2005-2112 - Unspecified vulnerability in Xoops

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
xoops
nessus
exploit available
NVD
Published: 2005-07-05
Updated: 2024-11-20

Summary

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parameter to comment_edit.php.

Vulnerable Configurations

Part Description Count
Application
Xoops
15

Exploit-Db

descriptionXOOPS < 2.0.11 - Multiple Vulnerabilities. CVE-2005-2112,CVE-2005-2113. Webapps exploit for PHP platform
idEDB-ID:43827
last seen2018-01-24
modified2015-06-29
published2015-06-29
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/43827/
titleXOOPS < 2.0.11 - Multiple Vulnerabilities

Nessus

NASL familyCGI abuses
NASL idXOOPS_2012.NASL
descriptionThe installed version of XOOPS on the remote host is affected by several vulnerabilities : - A SQL Injection Vulnerability The bundled XMLRPC server fails to sanitize user- supplied input to the
last seen2020-06-01
modified2020-06-02
plugin id18614
published2005-07-05
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18614
titleXOOPS < 2.0.12 Multiple Vulnerabilities

References