Vulnerabilities > Xoops

DATE	CVE	VULNERABILITY TITLE	RISK
2009-09-08	CVE-2008-7178	Path Traversal vulnerability in Xoops Uploader 1.1 Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a .. network low complexity xoops CWE-22	7.5
2009-07-31	CVE-2008-6885	Cross-Site Scripting vulnerability in Xoops 2.3.1/2.3.2A Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message. network xoops CWE-79	4.3
2009-07-31	CVE-2008-6884	Path Traversal vulnerability in Xoops 2.3.1 Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. network xoops CWE-22	6.8
2009-06-22	CVE-2009-2162	Cross-Site Scripting vulnerability in Ishii Pukiwikimod Cross-site scripting (XSS) vulnerability in the XOOPS MANIAC PukiWikiMod module 1.6.6.2 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network ishii xoops CWE-79	4.3
2009-03-04	CVE-2009-0805	Cross-Site Scripting vulnerability in Mihai Bazon Pical Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php. network mihai-bazon xoops CWE-79	4.3
2008-12-30	CVE-2008-5768	SQL Injection vulnerability in Sirium AM Events Module 0.22 SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. network low complexity sirium xoops CWE-89	7.5
2008-12-19	CVE-2008-5665	SQL Injection vulnerability in Xoops SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. network low complexity xoops CWE-89	7.5
2008-12-03	CVE-2008-5321	SQL Injection vulnerability in Xoops Hocasi Gesgaleri NIL SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter. network low complexity xoops-hocasi xoops CWE-89	7.5
2008-10-22	CVE-2008-4653	SQL Injection vulnerability in Xoops Makale 0.26 SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter. network low complexity xoops CWE-89	7.5
2008-10-21	CVE-2008-4635	Information Exposure vulnerability in Hisanaga Electric CO Hisa Cart Unspecified vulnerability in Hisanaga Electric Co, Ltd. network low complexity hisanaga-electric-co xoops CWE-200	5.0

Vulnerabilities > Xoops {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Xoops"}]}

Vulnerabilities > Xoops