Show filters
98 Total Results
Displaying 31-40 of 98
Sort by:
Attacker Value
Unknown

CVE-2008-1065

Disclosure Date: February 28, 2008 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
0
0
Attacker Value
Unknown

CVE-2008-1064

Disclosure Date: February 28, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in images.php in the Red Mexico RMSOFT Gallery System (GS) 2.0 module (aka rmgs) for XOOPS allows remote attackers to inject arbitrary web script or HTML via the q parameter.
0
0
Attacker Value
Unknown

CVE-2008-1063

Disclosure Date: February 28, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.
0
0
Attacker Value
Unknown

CVE-2008-0937

Disclosure Date: February 25, 2008 (last updated October 04, 2023)
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
0
0
Attacker Value
Unknown

CVE-2008-0936

Disclosure Date: February 25, 2008 (last updated October 04, 2023)
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
0
0
Attacker Value
Unknown

CVE-2008-0874

Disclosure Date: February 21, 2008 (last updated October 04, 2023)
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
0
0
Attacker Value
Unknown

CVE-2008-0847

Disclosure Date: February 21, 2008 (last updated October 04, 2023)
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
0
0
Attacker Value
Unknown

CVE-2008-0612

Disclosure Date: February 06, 2008 (last updated October 04, 2023)
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
0
0
Attacker Value
Unknown

CVE-2008-0613

Disclosure Date: February 06, 2008 (last updated October 04, 2023)
Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.
0
0
Attacker Value
Unknown

CVE-2008-0611

Disclosure Date: February 06, 2008 (last updated October 04, 2023)
SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
0
View More Topics  < Previous  Next >