Vulnerabilities > Xoops > XM Memberstats
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-28 | CVE-2008-1065 | SQL Injection vulnerability in Xoops XM Memberstats 2.0E Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. | 7.5 |
| 2008-02-28 | CVE-2008-1063 | Cross-Site Scripting vulnerability in Xoops Xm-Memberstats 2.0 Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the sortby parameter. | 4.3 |