1341 matches found
XOOPS Flashgames Module 1.0.1 - Remote SQL Injection Vulnerability
No description provided by source...
Xoops 2.0.18 modules/system/admin.php fct Parameter Traversal Local File Inclusion
No description provided by source...
XOOPS 2.0 XoopsOption Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7149/info XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information obtained in...
XOOPS <= 2.0.13.2 xoopsOption[nocommon] Remote Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo XOOPS = 2.0.13.2 'xoopsOptionnocommon' exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; / works with: magicquotesgpc = Off registerglobals = On / if $argc4 echo Usage:...
E-Xoops 1.0.5/1.0.8 modules/banners/click.php bid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
Nagl XOOPS Dictionary Module 1.0 - Multiple Cross-Site Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11064/info Reportedly the XOOPS Dictionary Module by Nagle is affected by multiple cross-site scripting vulnerabilities. This issue is due to a failure of the application to properly sanitize user-supplied URI input. As a...
XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28230/info MyTutorials is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...
XOOPS 'vacatures' Module - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27889/info XOOPS 'vacatures' module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
E-Xoops 1.0.5/1.0.8 adresses/ratefile.php lid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
XOOPS 1.0 RC3 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a us...
Xoops 2.5.4 - Blind SQL Injection
No description provided by source. ------------------------------------------ Xoops 2.5.4 Blind SQL Injection ------------------------------------------ Dork: Powered by XOOPS 2.5.4 Download: http://sourceforge.net/projects/xoops/ Date: 10/12/2011 Author: blkhtc0rp Mail: blkhtc0rpatyahoodotcom...
XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection Exploit
No description provided by source. html head titleXOOPS Module RM+Soft Gallery 1.0categos.php BLIND SQL Injection Exploit/title script type=text/javascript //'=============================================================================================== //'Script Name: XOOPS Module RM+Soft Galle...
Xoops 1.0/1.3.x BBCode HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8414/info Xoops BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of Xoops where BBCode is rendered. This issue is due to a lac...
XOOPS 2.2.5 register.php Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26835/info XOOPS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Xoops 2.0.18 modules/system/admin.php fct Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30330/info XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include...
xoops incontent module 3.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12406/info Xoops Incontent module is reported prone to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input. A malicious user could issue a reques...
XOOPS Module Glossarie <= 1.7 (sid) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Script Name: XOOPS Module Glossarie = 1.7 sid Remote BLIND SQL Injection Exploit Coded by : ajann Author : ajann Contact : : Dork : inurl:/modules/glossaire/ S.Page : http://www.xoops.org/modules/repository/singlefile.php?cid=100&lid=1156 $$ : Fre...
CVE-2014-3935
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter...
Sql injection
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter...
CVE-2014-3935
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter...