2 matches found
XOOPS Module Qas codigo SQL Injection (CVE-2009-4714)
An SQL injection vulnerability has been reported in Alexandre Amaral Xoops Celepar. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2009-4714
CVE-2009-4714 affects the XOOPS Celepar quiz module. The vulnerability is a Cross-site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via PATH_INFO to cadastro_usuario.php. The available connected sources corroborate an XSS impact, but no explicit remedia...