CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2008/10/03 10:22 p.m.•12 views

CVE-2008-4433

SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter...

7.5CVSS8.4AI score0.01001EPSS

Exploits0References2

NVD•added 2008/10/03 10:22 p.m.•13 views

CVE-2008-4432

Cross-site scripting XSS vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter...

4.3CVSS5.8AI score0.01445EPSS

NVD•added 2008/10/03 10:22 p.m.•13 views

CVE-2008-4435

Multiple cross-site scripting XSS vulnerabilities in the RMSOFT Downloads Plus rmdp module 1.5 and 1.7 for Xoops allow remote attackers to inject arbitrary web script or HTML via the 1 key parameter to search.php and the 2 id parameter to down.php...

4.3CVSS5.9AI score0.01462EPSS

Prion•added 2008/10/03 10:22 p.m.•16 views

Sql injection

SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter...

7.5CVSS9.1AI score0.01001EPSS

Exploits0References2Affected Software1

Prion•added 2008/10/03 10:22 p.m.•9 views

Cross site scripting

4.3CVSS6.1AI score0.01462EPSS

Prion•added 2008/10/03 10:22 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter...

4.3CVSS6.2AI score0.01445EPSS

Cvelist•added 2008/10/03 10:0 p.m.•19 views

CVE-2008-4432

Cross-site scripting XSS vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter...

5.8AI score0.01445EPSS

Cvelist•added 2008/10/03 10:0 p.m.•16 views

CVE-2008-4433

SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter...

8.4AI score0.01001EPSS

Exploits0References2

CVE•added 2008/10/03 10:0 p.m.•44 views

CVE-2008-4432

CVE-2008-4432 describes a Cross-site scripting (XSS) vulnerability in the RMSOFT MiniShop module 1.0 for Xoops, exploitable via the itemsxpag parameter in search.php. Remote attackers can inject arbitrary script/HTML. The NVD lists base CVSSv2 4.3 (Medium). The connected documents provide the vul...

4.3CVSS5.8AI score0.01445EPSS

CVE•added 2008/10/03 10:0 p.m.•38 views

CVE-2008-4435

CVE-2008-4435 affects RMSOFT Downloads Plus (rmdp) module for Xoops (versions 1.5 and 1.7). The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the key parameter to search.php or the id parameter to down.php. The available...

4.3CVSS5.9AI score0.01462EPSS

CVE•added 2008/10/03 10:0 p.m.•39 views

CVE-2008-4433

CVE-2008-4433 describes an SQL injection in the RMSOFT MiniShop module 1.0 for Xoops. The vulnerability is triggered via the itemsxpag parameter in search.php, allowing remote attackers to execute arbitrary SQL commands. The affected component is the MiniShop module’s search functionality, and th...

7.5CVSS8.4AI score0.01001EPSS

Exploits0References2Affected Software1

Cvelist•added 2008/10/03 10:0 p.m.•13 views

CVE-2008-4435

5.9AI score0.01462EPSS

NVD•added 2008/09/11 9:6 p.m.•12 views

CVE-2008-4053

Multiple cross-site scripting XSS vulnerabilities in index.php in the Bluemoon PopnupBLOG module 3.20 and 3.30 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the 1 param, 2 catid, and 3 view parameters...

4.3CVSS5.8AI score0.01452EPSS

Exploits1References4

Prion•added 2008/09/11 9:6 p.m.•8 views

Cross site scripting

4.3CVSS6.1AI score0.01452EPSS

Exploits1References4Affected Software1

CVE•added 2008/09/11 2:0 p.m.•38 views

CVE-2008-4053

The CVE-2008-4053 entry describes XSS vulnerabilities in the Bluemoon PopnupBLOG module for XOOPS, specifically in index.php for versions 3.20 and 3.30, where the parameters (param, cat_id, view) can be manipulated to inject arbitrary script/HTML. The underlying issue is cross-site scripting due ...

4.3CVSS5.8AI score0.01452EPSS

Exploits1References4Affected Software1

securityvulns•added 2008/09/09 12:0 a.m.•61 views

xoops-1.3.10 shell command execute vulnerability ( causing snoopy class )

== xoops-1.3.10 shell command execute vulnerability causing snoopy class == Author: geinblues geinblues at gmail dot com DATE: 9.7.2008 Site: http://enterblue.net/x90c/ Risk: Midium == 0 Vulnerability Tracing Tracing BREAK 0 BREAK 6 /xoops-1.3.10/html/class/snoopy.class.php...

7.5AI score

Packet Storm•added 2008/09/08 12:0 a.m.•36 views

xoops-exec.txt

7.4AI score

Packet Storm•added 2008/08/26 12:0 a.m.•156 views

popnupblog-xss.txt

PopnupBlog index.php multiple variables XSS Vendor url:http://www.bluemooninc.biz/ Advisore:http://lostmon.blogspot.com/2008/08/ popnupblog-indexphp-multiple-variables.html Vendor notify:no exploits availables:yes PopnupBlog contains a flaw that allows a remote cross site scripting attack.This fl...

7.4AI score