Vulnerabilities > Xoops > Xoops Dictionary
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-01-06 | CVE-2009-4582 | SQL Injection vulnerability in Xoops Dictionary 2.0.18 SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2004-08-28 | CVE-2004-1640 | Cross-Site vulnerability in Nagl XOOPS Dictionary Module Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php. network xoops | 4.3 |