CVE-2004-1640

2005-02-2005:00:00

mitre

www.cve.org

6.1 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php.

References

cyruxnet.org/modulo_dic_xoops.htm

marc.info/?l=bugtraq&m=109394077209963&w=2

secunia.com/advisories/12424

www.osvdb.org/9393

www.osvdb.org/9394

www.securityfocus.com/bid/11064

exchange.xforce.ibmcloud.com/vulnerabilities/17152

exchange.xforce.ibmcloud.com/vulnerabilities/17154