Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1341 matches found

OSV
OSVadded 2017/03/30 7:59 a.m.13 views

CVE-2017-7290

SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program...

7.2CVSS8.5AI score0.02299EPSS
Exploits1References2
NVD
NVDadded 2017/03/30 7:59 a.m.16 views

CVE-2017-7290

SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program...

7.2CVSS7.3AI score0.02299EPSS
Exploits1References2
Cvelist
Cvelistadded 2017/03/30 7:0 a.m.19 views

CVE-2017-7290

SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program...

7.3AI score0.02299EPSS
Exploits1References2
CVE
CVEadded 2017/03/30 7:0 a.m.64 views

CVE-2017-7290

XOOPS (eXtensible Object Oriented Portal System) contains a SQL injection vulnerability in findusers.php affecting XOOPS 2.5.7.2 and other versions prior to 2.5.8.1. The flaw allows authenticated remote administrators to execute arbitrary SQL commands via the url parameter to findusers.php, with ...

7.2CVSS7.2AI score0.02299EPSS
Exploits1References2Affected Software1
seebug.org
seebug.orgadded 2016/04/14 12:0 a.m.15 views

Xoops 2.5.7.2 - Directory Traversal Bypass

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVDadded 2016/04/14 12:0 a.m.1 views

XOOPS Cross-Site Request Forgery Vulnerability

XOOPS eXtensible Object Oriented Portal System is XOOPS team development and maintenance of a set of open source based on PHP and MySQL content management system . Cross-site request forgery vulnerabilities exist in XOOPS 2.5.7.2. A remote attacker can exploit these vulnerabilities to perform...

7.1AI score
Exploits0References1
seebug.org
seebug.orgadded 2016/04/14 12:0 a.m.19 views

Xoops 2.5.7.2 - Arbitrary User Deletions CSRF

No description provided by source...

7.1AI score
Exploits0
0day.today
0day.todayadded 2016/03/21 12:0 a.m.28 views

Xoops 2.5.7.2 - Cross-Site Request Forgery (Arbitrary User Deletions)

Exploit for php platform in category web applications var c=-1 var amttodelete=100 var id=document.getElementById"ids" var frm=document.getElementById"CSRF" function doit c++ arguments1.valu...

7.1AI score
Exploits0
exploitpack
exploitpackadded 2016/03/21 12:0 a.m.30 views

Xoops 2.5.7.2 - Cross-Site Request Forgery (Arbitrary User Deletions)

Xoops 2.5.7.2 - Cross-Site Request Forgery Arbitrary User Deletions var c=-1 var amttodelete=100 var id=document.getElementById"ids" var frm=document.getEleme...

0.6AI score
Exploits0
exploitpack
exploitpackadded 2016/03/21 12:0 a.m.17 views

XOOPS 2.5.7.2 - Directory Traversal Bypass

XOOPS 2.5.7.2 - Directory Traversal Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XOOPS-DIRECTORY-TRAVERSAL.txt Vendor: ============= xoops.org Product: ================ Xoops 2.5.7.2 Vulnerability Type:...

Exploits0
0day.today
0day.todayadded 2016/03/21 12:0 a.m.24 views

Xoops 2.5.7.2 - Directory Traversal Bypass

Exploit for php platform in category web applications + Credits: John Page aka hyp3rlinx Vendor: ============= xoops.org Product: ================ Xoops 2.5.7.2 Vulnerability Type: =========================== Directory Traversal Bypass Vulnerability Details: ===================== Xoops 2.5.7.2 ha...

7.1AI score
Exploits0
Exploit DB
Exploit DBadded 2016/03/21 12:0 a.m.31 views

XOOPS 2.5.7.2 - Directory Traversal Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XOOPS-DIRECTORY-TRAVERSAL.txt Vendor: ============= xoops.org Product: ================ Xoops 2.5.7.2 Vulnerability Type: =========================== Directory Traversal...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2016/03/21 12:0 a.m.33 views

Xoops 2.5.7.2 - Cross-Site Request Forgery (Arbitrary User Deletions)

var c=-1 var amttodelete=100 var id=document.getElementById"ids" var frm=document.getElementById"CSR...

7AI score
Exploits0
Packet Storm
Packet Stormadded 2016/03/18 12:0 a.m.34 views

XOOPS 2.5.7.2 Directory Traversal

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XOOPS-DIRECTORY-TRAVERSAL.txt Vendor: ============= xoops.org Product: ================ Xoops 2.5.7.2 Vulnerability Type: =========================== Directory Traversal...

0.1AI score
Exploits0
Packet Storm
Packet Stormadded 2016/03/18 12:0 a.m.37 views

XOOPS 2.5.7.2 Cross Site Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XOOPS-CSRF.txt Vendor: ============= xoops.org Product: ================ Xoops 2.5.7.2 Vulnerability Type: =================================== CSRF - Arbitrary User Deletions...

0.6AI score
Exploits0
exploitpack
exploitpackadded 2015/06/29 12:0 a.m.40 views

XOOPS 2.0.11 - Multiple Vulnerabilities

XOOPS 2.0.11 - Multiple Vulnerabilities XOOPS Multiple Vulnerabilities Vendor: XOOPS Product: XOOPS Version: = 2.0.11 Website: http://www.xoops.org/ BID: 14094 14096 CVE: CVE-2005-2112 CVE-2005-2113 OSVDB: 17633 17634 17635 SECUNIA: 15843 PACKETSTORM: 38372 Description: XOOPS is a very popular...

7.5CVSS0.7AI score0.0174EPSS
Exploits3
Exploit DB
Exploit DBadded 2015/06/29 12:0 a.m.51 views

XOOPS < 2.0.11 - Multiple Vulnerabilities

XOOPS Multiple Vulnerabilities Vendor: XOOPS Product: XOOPS Version: = 2.0.11 Website: http://www.xoops.org/ BID: 14094 14096 CVE: CVE-2005-2112 CVE-2005-2113 OSVDB: 17633 17634 17635 SECUNIA: 15843 PACKETSTORM: 38372 Description: XOOPS is a very popular dynamic web content management system...

7.5CVSS6.6AI score0.0174EPSS
Exploits3
Packet Storm
Packet Stormadded 2015/04/24 12:0 a.m.24 views

Xoops CMS 2.5.7.1 Cross Site Scripting

Hi Team, Affected Vendor: http://www.xoops.org/ Date: 24/04/2015 Discovered by: Joel Vadodil Varghese Type of vulnerability: Persistent XSS Tested on: Windows 8.1 Product: Xoops CMS Version: 2.5.7.1 Tested Link:...

0.1AI score
Exploits0
NVD
NVDadded 2014/11/20 1:55 p.m.13 views

CVE-2014-8999

SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter...

6.5CVSS7.9AI score0.01658EPSS
Exploits1References4
Prion
Prionadded 2014/11/20 1:55 p.m.12 views

Sql injection

SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter...

6.5CVSS8.6AI score0.01658EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder