Vulnerabilities > Marcello Brandao > Yogurt Social Network Module > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-08-13 | CVE-2008-3668 | Cross-Site Scripting vulnerability in Marcello Brandao Yogurt Social Network Module 3.2 Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Social Network module 3.2 rc1 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the uid parameter to (1) friends.php, (2) seutubo.php, (3) album.php, (4) scrapbook.php, (5) index.php, or (6) tribes.php; or (7) the description field of a new scrap. | 4.3 |