1341 matches found
CVE-2014-8999
SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter...
CVE-2014-8999
CVE-2014-8999 describes an SQL injection in XOOPS prior to 2.5.7 Final. The vulnerability exists in htdocs/modules/system/admin.php via the selgroups parameter, allowing remote authenticated users to execute arbitrary SQL commands. Affected software: XOOPS (PHP-based CMS); vulnerable component: a...
XOOPS 2.5.6 blind SQL Injection Vulnerability
XOOPS versions 2.5.6 and below suffer from a remote blind SQL injection vulnerability. I. VULNERABILITY ------------------------- Blind SQL Injection in XOOPS 5.0.11 AND time-based blind comment' injectable INFO POST parameter 'selgroups' is 'OR boolean-based blind - WHERE or HAVING clause MySQL...
XOOPS 2.5.6 SQL Injection
============================================= MGC ALERT 2014-003 - Original release date: March 6, 2014 - Last revised: November 18, 2014 - Discovered by: Manuel Garcia Cardenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...
XOOPS Module Uploader File Disclosure (CVE-2008-7178)
An information disclosure vulnerability has been reported in Xoops Uploader. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
XOOPS Module Qas codigo SQL Injection (CVE-2009-4714)
An SQL injection vulnerability has been reported in Alexandre Amaral Xoops Celepar. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module xhresim Remote SQL Injection (CVE-2008-5665)
An SQL injection vulnerability has been reported in Xoops. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Flashgames Remote SQL Injection (CVE-2007-2543)
An SQL injection vulnerability has been reported in Xoops Flashgames Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module Amevents SQL Injection (CVE-2008-5768)
An SQL injection vulnerability has been reported in Sirium Am Events Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module Camportail Remote SQL Injection (CVE-2007-1808)
An SQL injection vulnerability has been reported in Camportail. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS module Articles SQL Injection (CVE-2007-3311)
An SQL injection vulnerability has been reported in Xoops Articles Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module Library Remote SQL Injection (CVE-2007-1815)
An SQL injection vulnerability has been reported in Xoops Library Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module WF Links Remote SQL Injection (CVE-2007-2373)
An SQL injection vulnerability has been reported in Wf-links. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module RM and Soft Gallery SQL Injection (CVE-2007-1806)
An SQL injection vulnerability has been reported in Red Mexico Rm+soft Gallery. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module WF Section SQL Injection (CVE-2005-0725)
An SQL injection vulnerability has been reported in Wf-sections. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module Friendfinder SQL Injection (CVE-2007-1838)
An SQL injection vulnerability has been reported in Xoops Friendfinder Module. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module debaser SQL Injection (CVE-2007-1805)
An SQL injection vulnerability has been reported in Myxoops Debaser. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module Tiny Event Remote SQL Injection (CVE-2007-1811)
An SQL injection vulnerability has been reported in Chapi Tiny Event. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module makale Remote SQL Injection (CVE-2008-4653)
An SQL injection vulnerability has been reported in Xoops Makale. An attacker could exploit this vulnerability via the id parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
XOOPS Module Kshop Remote SQL Injection (CVE-2007-1810)
An SQL injection vulnerability has been reported in Kaotik Kshop. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...