Lucene search
K

60 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Content Module 0.5 for XOOPS 'id' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37155/info The Content module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.12 views

Fedora Update for drupal6-date FEDORA-2012-4475

Check for the Version of drupal6-date OpenVAS Vulnerability Test Fedora Update for drupal6-date FEDORA-2012-4475 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.4AI score
Exploits0References2
Fedora
Fedora
added 2012/04/12 2:19 a.m.20 views

[SECURITY] Fedora 17 Update: drupal6-date-2.8-1.fc17

The Date API is available to be used by other modules and is not dependent on having CCK installed. The date module is a flexible date/time field type for the cck content module which requires the CCK content.module and the Date API module...

2.1AI score
Exploits0
Fedora
Fedora
added 2012/04/01 12:29 a.m.16 views

[SECURITY] Fedora 15 Update: drupal6-date-2.8-1.fc15

The Date API is available to be used by other modules and is not dependent on having CCK installed. The date module is a flexible date/time field type for the cck content module which requires the CCK content.module and the Date API module...

2.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2011/09/13 7:59 p.m.0 views

CVE-2009-5096

Cross-site scripting XSS vulnerability in the Flag Content module 5.x-2.x before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Reason parameter...

4.3CVSS5.7AI score0.01263EPSS
Exploits0References8
CVE
CVE
added 2011/09/13 7:0 p.m.38 views

CVE-2009-5096

Technical details about CVE-2009-5096 are not publicly available in the provided connected documents. The Drupal Flag Content module XSS description exists, but data such as affected versions, root cause, or remediation are not corroborated here. Monitor for updates.

4.3CVSS5.9AI score0.01263EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2011/03/23 9:0 p.m.39 views

CVE-2010-4775

CVE-2010-4775 affects Drupal’s Relevant Content module (5.x prior to 5.x-1.4 and 6.x prior to 6.x-1.5). The issue is improper node access logic, enabling remote attackers to discover restricted node titles and relationships. No exploitation details or patches are provided in the connected documen...

5CVSS7AI score0.01489EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2009/12/24 12:0 a.m.15 views

XOOPS Content Module 0.5 SQL Injection Vulnerability

XOOPS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xoops:xoops"; ifdescriptio...

7.5CVSS7.7AI score0.00987EPSS
Exploits1References4
NVD
NVD
added 2009/12/20 2:30 a.m.17 views

CVE-2009-4360

SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter...

7.5CVSS7.4AI score0.00987EPSS
Exploits1References4
Prion
Prion
added 2009/12/20 2:30 a.m.11 views

Sql injection

SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter...

7.5CVSS8.1AI score0.00987EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/12/20 2:0 a.m.22 views

CVE-2009-4360

SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter...

7.4AI score0.00987EPSS
Exploits1References4
CVE
CVE
added 2009/12/20 2:0 a.m.47 views

CVE-2009-4360

The CVE-2009-4360 issue affects the XOOPS Content Module 0.5, specifically the file modules/content/index.php. The vulnerability is an SQL injection in this component, exploitable via the id parameter, allowing remote attackers to inject arbitrary scripts or HTML. The published data indicates a C...

7.5CVSS7.4AI score0.00987EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2009/12/01 12:0 a.m.26 views

XOOPS 2.0.x Content 0.5 SQL Injection

+Xoops 2.0.x Module Content +Donwload of Module:http://prdownloads.sourceforge.net/xoops/XOOPS2modcontent-0.5.zip?download +Author: s4r4d0 +mail:[email protected] +TEAM: Fatal Error +Bug: Sql injection has been found in index.php...

Exploits0
Exploit DB
Exploit DB
added 2009/11/30 12:0 a.m.36 views

Content Module 0.5 for XOOPS - 'id' SQL Injection

source: https://www.securityfocus.com/bid/37155/info The Content module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...

7AI score
Exploits0
Drupal
Drupal
added 2009/10/21 12:0 a.m.12 views

SA-CONTRIB-2009-076 - Flag Content Cross Site Scripting

The Flag Content module enables users to flag nodes and users for the attention of a site maintainer e.g. for abuse, spam, trolling, ...etc.. In some specific cases, the module does not sanitize before outputting the Reason field, resulting in a cross-site scripting XSS vulnerability. Such an...

5.9AI score
Exploits0References5
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.24 views

Fedora Core 11 FEDORA-2009-8184 (drupal-date)

The remote host is missing an update to drupal-date announced via advisory FEDORA-2009-8184. OpenVAS Vulnerability Test $Id: fcore20098184.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8184 drupal-date Authors: Thomas Reinke Copyright: Copyright c...

2.1CVSS6.6AI score0.01217EPSS
Exploits0
seebug.org
seebug.org
added 2007/06/14 12:0 a.m.32 views

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

No description provided by source. / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion&n...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/13 12:0 a.m.39 views

XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion

/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion Vulnerability Description Content module for XOOPS CMS Vuln Code In /admin/spaw/spawcontrol.class.php...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2006/12/02 11:28 a.m.4 views

CVE-2006-6234

Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via 1 the cid parameter in a listpagescategories action or 2 the pid parameter in a showpage action...

7.5CVSS6.3AI score0.01898EPSS
Exploits1References5
CVE
CVE
added 2006/12/02 11:0 a.m.43 views

CVE-2006-6234

CVE-2006-6234 affects the Content module in PHP-Nuke 6.0 (and possibly other versions). The vulnerability is a SQL injection allowing remote attackers to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action. The N...

7.5CVSS8.9AI score0.01898EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder