XOOPS Module myTopics (articleid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== XOOPS Module myTopics articleid Remote SQL Injection Vulnerability ==================================================================== XOOPS Module myTopics-print SQL...

XOOPS Module myTopics - 'articleId' SQL Injection

XOOPS Module myTopics-print SQL Injectionarticleid AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAÄ°L : [email protected] DORK 1 : allinurl: "/modules/myTopics/" you can add expliot after mytopics EXPLOIT :...

Open redirect

Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoopsredirect parameter...

Sql injection

SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0612

Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

CVE-2008-0613

Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoopsredirect parameter...

CVE-2008-0611

SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0611

SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-0613

Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoopsredirect parameter...

CVE-2008-0611

CVE-2008-0611 : SQL injection in the RMSOFT Gallery System 2.0 module for XOOPS (rmgs/images.php) allows remote attackers to run arbitrary SQL via the id parameter. Affected component: rmgs/images.php in RMSOFT Gallery System 2.0 for XOOPS. Consequences: partial impact to confidentiality, integri...

CVE-2008-0612

Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

CVE-2008-0613

CVE-2008-0613 describes an open redirect vulnerability in XOOPS 2.0.18, exploitable through the xoops_redirect parameter in htdocs/user.php to redirect users to arbitrary sites. Public references (NVD, PRION, CVE List, CVELIST, etc.) confirm the issue; no explicit exploit code or active exploit s...

CVE-2008-0612

Vulnerability (CVE-2008-0612) affects XOOPS 2.0.18: a directory traversal in htdocs/install/index.php allows remote attackers to include and execute arbitrary local files by manipulating the lang parameter (using ..). This results in potential partial disclosure and modification of data and possi...

XOOPS 2.0.18 Local File Inclusion / URL Redirecting Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-009 Application: XOOPS Versions Affected: XOOPS 2.0.18 Vendor URL: http://www.xoops.org/ Bugs: Local File Include,URL Redirecting phishing Exploits: YES Reported: 28.01.2008 Vendor response: 28.01.2008 Da...

[DSECRG-08-009] xoops 2.0.18 Local File Include

Digital Security Research Group DSecRG Advisory DSECRG-08-009 Application: XOOPS Versions Affected: XOOPS 2.0.18 Vendor URL: http://www.xoops.org/ Bugs: Local File Include,URL Redirecting phishing Exploits: YES Reported: 28.01.2008 Vendor response: 28.01.2008 Date of Public Advisory: 04.02.2008...

bcoosexoops-xss.txt

bcoos & E-xoops DevTracker module two variables XSS vendor url: http://www.bcoos.net Vendor url: http://www.e-xoops.com Advisore: http://lostmon.blogspot.com/2008/02/ bcoos-and-e-xoops-devtracker-module-two.html vendor notify:yes exploits available: YES bcoos and E-xoops are two content-community...

XOOPS 2.0.18 - Local File Inclusion URL Redirecting

XOOPS 2.0.18 - Local File Inclusion URL Redirecting Digital Security Research Group DSecRG Advisory DSECRG-08-009 Application: XOOPS Versions Affected: XOOPS 2.0.18 Vendor URL: http://www.xoops.org/ Bugs: Local File Include,URL Redirecting phishing Exploits: YES Reported: 28.01.2008 Vendor...

XOOPS 2.0.18 Local File Inclusion / URL Redirecting Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== XOOPS 2.0.18 Local File Inclusion / URL Redirecting Vulnerabilities =================================================================== Digital Security Research Group...

DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities

DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27619/info DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

DSECRG-08-009.txt

Digital Security Research Group DSecRG Advisory DSECRG-08-009 Application: XOOPS Versions Affected: XOOPS 2.0.18 Vendor URL: http://www.xoops.org/ Bugs: Local File Include,URL Redirecting phishing Exploits: YES Reported: 28.01.2008 Vendor response: 28.01.2008 Date of Public Advisory: 04.02.2008...