EUVD-2009-3223

Malware in sbrugna...

CVE-2009-3240

Cross-site scripting XSS vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-3240

Cross-site scripting XSS vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-3240

CVE-2009-3240 is a documented XSS vulnerability in the Happy Linux XF-Section module for XOOPS, version 1.12a. The reports consistently describe an ability for remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially allowing arbitrary script execution in a use...

CVE-2009-3240

Cross-site scripting XSS vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

XF-Section vulnerable to cross-site scripting

Overview XF-Section from Happy Linux contains a cross-site scripting vulnerability. XF-Secion from Happy Linux is a XOOPS module that categorizes contents. XF-Section contains a cross-site scripting vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the...

JVN#00425482 XF-Section vulnerable to cross-site scripting

XF-Secion from Happy Linux is a XOOPS module that categorizes contents. XF-Section contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use XF-Section Since the product is no longer being developed, users are...

Sql injection

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...

CVE-2007-1974

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...

CVE-2007-1974

The CVE-2007-1974 entry describes an SQL injection in WF-Section (XOOPS WF-Section) 1.0.1, via the articleid parameter to print.php, affecting the getArticle function in class/wfsarticle.php. Affected component is the WF-Section XOOPS module; the vulnerability arises from inadequate input sanitiz...

CVE-2007-1974

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section aka WF-Sections 1.0.1, as used in Xoops modules such as 1 Zmagazine 1.0, 2 Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via...