CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2019/09/30 4:15 p.m.•22 views

CVE-2019-16683

An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes...

4.8CVSS6.8AI score0.01024EPSS

OSV•added 2019/09/30 4:15 p.m.•8 views

CVE-2019-16684

An issue was discovered in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes...

4.8CVSS6.8AI score0.01024EPSS

Prion•added 2019/09/30 4:15 p.m.•15 views

Information disclosure

An issue was discovered in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes...

3.5CVSS5.1AI score0.01024EPSS

Prion•added 2019/09/30 4:15 p.m.•17 views

Information disclosure

An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes...

3.5CVSS5.1AI score0.01024EPSS

CVE•added 2019/09/30 3:28 p.m.•53 views

CVE-2019-16684

CVE-2019-16684 affects Xoops 2.5.10 image-manager. A stored cross-site scripting issue occurs when an image is named with a JavaScript payload; hovering over such items in the list or Edit page causes the payload to execute. The Red Hat entry corroborates the same description. No explicit remedia...

4.8CVSS5.1AI score0.01024EPSS

CVE•added 2019/09/30 3:15 p.m.•56 views

CVE-2019-16683

The CVE-2019-16683 vulnerability affects the Xoops 2.5.10 image-manager. When editing an image, hovering the breadcrumb that shows the category name triggers a JavaScript payload, indicating a cross-site scripting issue in the image-manager component. The available sources describe the affected f...

4.8CVSS5.1AI score0.01024EPSS

Cvelist•added 2019/09/30 3:15 p.m.•24 views

CVE-2019-16683

An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes...

5.2AI score0.01024EPSS

0day.today•added 2019/05/14 12:0 a.m.•213 views

XOOPS CMS 2.5.9 SQL Injection Vulnerability

Exploit for php platform in category web applications + Sql Injection on XOOPS CMS v.2.5.9 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: email protected + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...

exploitpack•added 2019/05/13 12:0 a.m.•23 views

XOOPS 2.5.9 - SQL Injection

XOOPS 2.5.9 - SQL Injection + Sql Injection on XOOPS CMS v.2.5.9 + Date: 12/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...

0.1AI score

Packet Storm•added 2019/05/13 12:0 a.m.•74 views

XOOPS CMS 2.5.9 SQL Injection

Sql Injection on XOOPS CMS v.2.5.9 + Date: 12/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php inurl:modules // use your brain ; +...

0.3AI score

Exploit DB•added 2019/05/13 12:0 a.m.•90 views

XOOPS 2.5.9 - SQL Injection

7.4AI score

Packet Storm•added 2019/03/04 12:0 a.m.•49 views

Xoops 1.0.2 PD-Links 1.0 Database Disclosure

Exploit Title : Xoops 1.0.2 PD-Links Modules 1.0 Krobi Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 03/03/2019 Vendor Homepage : xoops.org power-dreams.com Software Download Link : xoops.org/modules/repository/visit.php?cid=40&lid=1491...

7.4AI score