3 matches found
CVE-2012-0984
The CVE-2012-0984 entry affects XOOPS before 2.5.5, with multiple XSS vulnerabilities exploitable via user-controlled inputs in several PHP scripts: to_userid (modules/pm/pmlite.php), current_file, imgcat_id, and target (class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanage...
Multiple XSS vulnerabilities in XOOPS
Advisory ID: HTB23062 Product: XOOPS Vendor: xoops.org Vulnerable Versions: 2.5.4 and probably prior Tested Version: 2.5.4 Vendor Notification: 7 December 2011 Vendor Patch: 22 February 2012 Public Disclosure: 18 April 2012 Vulnerability Type: XSS Cross Site Scripting CVE References: CVE-2012-098...
XOOPS 2.5.4 Cross Site Scripting
Advisory ID: HTB23062 Product: XOOPS Vendor: xoops.org Vulnerable Versions: 2.5.4 and probably prior Tested Version: 2.5.4 Vendor Notification: 7 December 2011 Vendor Patch: 22 February 2012 Public Disclosure: 18 April 2012 Vulnerability Type: XSS Cross Site Scripting CVE References: CVE-2012-098...