Vulnerabilities > CVE-2006-5810 - Unspecified vulnerability in Xoops 1.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

xoops

exploit available

NVD

Published: 2006-11-08

Updated: 2024-02-14

Summary

Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlist.php in XOOPS 1.0 allows remote attackers to inject arbitrary web script or HTML via the newdownloadshowdays parameter.

Vulnerable Configurations

Part	Description	Count
Application	Xoops Xoops Xoops 1.0	1

Exploit-Db

description	Xoops 2.0.5 NewList.PHP Cross-Site Scripting Vulnerability. CVE-2006-5810. Webapps exploit for php platform
id	EDB-ID:28914
last seen	2016-02-03
modified	2006-11-06
published	2006-11-06
reporter	CvIr.System
source	https://www.exploit-db.com/download/28914/
title	Xoops 2.0.5 NewList.PHP Cross-Site Scripting Vulnerability

References

http://worldphantom.org/foro/index.php?PHPSESS=475e274a8eeb5ffa159e890b2a9cae64&topic=417.new
http://www.securityfocus.com/bid/20927