Vulnerabilities > Xoops > High

DATE CVE VULNERABILITY TITLE RISK
2008-10-22 CVE-2008-4653 SQL Injection vulnerability in Xoops Makale 0.26
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
xoops CWE-89
7.5
7.5
2008-10-03 CVE-2008-4433 SQL Injection vulnerability in Rmsoft Minishop Module 1.0
SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter.
network
low complexity
rmsoft xoops CWE-89
7.5
7.5
2008-07-25 CVE-2008-3296 Path Traversal vulnerability in Xoops 2.0.18.1
Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
xoops CWE-22
7.5
7.5
2008-05-06 CVE-2008-2094 SQL Injection vulnerability in Xoops Article Module
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
xoops CWE-89
7.5
7.5
2008-03-17 CVE-2008-1351 SQL Injection vulnerability in Xoops Tutoriais Module 2.1B
SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
network
low complexity
xoops CWE-89
7.5
7.5
2008-02-28 CVE-2008-1065 SQL Injection vulnerability in Xoops XM Memberstats 2.0E
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter.
network
low complexity
xoops CWE-89
7.5
7.5
2008-02-25 CVE-2008-0936 SQL Injection vulnerability in Xoops Prayer List Module 1.04
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
network
low complexity
xoops CWE-89
7.5
7.5
2008-02-21 CVE-2008-0874 SQL Injection vulnerability in Xoops Eempregos Module
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
network
low complexity
xoops CWE-89
7.5
7.5
2008-02-21 CVE-2008-0847 SQL Injection vulnerability in Xoops Mytopics
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
network
low complexity
xoops CWE-89
7.5
7.5
2008-02-06 CVE-2008-0612 Path Traversal vulnerability in Xoops 2.0.18
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
xoops CWE-22
7.5
7.5