60 matches found
Content Module 0.5 for XOOPS 'id' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37155/info The Content module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...
Fedora Update for drupal6-date FEDORA-2012-4475
Check for the Version of drupal6-date OpenVAS Vulnerability Test Fedora Update for drupal6-date FEDORA-2012-4475 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
[SECURITY] Fedora 17 Update: drupal6-date-2.8-1.fc17
The Date API is available to be used by other modules and is not dependent on having CCK installed. The date module is a flexible date/time field type for the cck content module which requires the CCK content.module and the Date API module...
[SECURITY] Fedora 15 Update: drupal6-date-2.8-1.fc15
The Date API is available to be used by other modules and is not dependent on having CCK installed. The date module is a flexible date/time field type for the cck content module which requires the CCK content.module and the Date API module...
CVE-2009-5096
Cross-site scripting XSS vulnerability in the Flag Content module 5.x-2.x before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Reason parameter...
CVE-2009-5096
Technical details about CVE-2009-5096 are not publicly available in the provided connected documents. The Drupal Flag Content module XSS description exists, but data such as affected versions, root cause, or remediation are not corroborated here. Monitor for updates.
CVE-2010-4775
CVE-2010-4775 affects Drupal’s Relevant Content module (5.x prior to 5.x-1.4 and 6.x prior to 6.x-1.5). The issue is improper node access logic, enabling remote attackers to discover restricted node titles and relationships. No exploitation details or patches are provided in the connected documen...
XOOPS Content Module 0.5 SQL Injection Vulnerability
XOOPS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xoops:xoops"; ifdescriptio...
CVE-2009-4360
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Sql injection
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2009-4360
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2009-4360
The CVE-2009-4360 issue affects the XOOPS Content Module 0.5, specifically the file modules/content/index.php. The vulnerability is an SQL injection in this component, exploitable via the id parameter, allowing remote attackers to inject arbitrary scripts or HTML. The published data indicates a C...
XOOPS 2.0.x Content 0.5 SQL Injection
+Xoops 2.0.x Module Content +Donwload of Module:http://prdownloads.sourceforge.net/xoops/XOOPS2modcontent-0.5.zip?download +Author: s4r4d0 +mail:[email protected] +TEAM: Fatal Error +Bug: Sql injection has been found in index.php...
Content Module 0.5 for XOOPS - 'id' SQL Injection
source: https://www.securityfocus.com/bid/37155/info The Content module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
SA-CONTRIB-2009-076 - Flag Content Cross Site Scripting
The Flag Content module enables users to flag nodes and users for the attention of a site maintainer e.g. for abuse, spam, trolling, ...etc.. In some specific cases, the module does not sanitize before outputting the Reason field, resulting in a cross-site scripting XSS vulnerability. Such an...
Fedora Core 11 FEDORA-2009-8184 (drupal-date)
The remote host is missing an update to drupal-date announced via advisory FEDORA-2009-8184. OpenVAS Vulnerability Test $Id: fcore20098184.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8184 drupal-date Authors: Thomas Reinke Copyright: Copyright c...
XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
No description provided by source. / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion&n...
XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion
/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion Vulnerability Description Content module for XOOPS CMS Vuln Code In /admin/spaw/spawcontrol.class.php...
CVE-2006-6234
Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via 1 the cid parameter in a listpagescategories action or 2 the pid parameter in a showpage action...
CVE-2006-6234
CVE-2006-6234 affects the Content module in PHP-Nuke 6.0 (and possibly other versions). The vulnerability is a SQL injection allowing remote attackers to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action. The N...