54 matches found
Deserialization of untrusted data
Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors...
Cross site scripting
Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...
Sql injection
SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...
CVE-2020-5664
CVE-2020-5664 affects the XooNIps module for XOOPS (versions 3.49 and earlier). The vulnerability is described as a deserialization of untrusted data that could allow remote attackers to execute arbitrary code via unspecified vectors. Mitigation guidance in the sources is to update the software t...
CVE-2020-5664
Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2020-5663
Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...
CVE-2020-5663
CVE-2020-5663 affects XooNIps 3.49 and earlier. The vulnerability is a stored cross-site scripting issue; a remote authenticated attacker can inject arbitrary scripts via unspecified vectors. Public documents corroborate this vulnerability across multiple sources (NVD, Red Hat, CNVD, JVN). Impact...
CVE-2020-5662
The CVE-2020-5662 case affects the XOOPS module XooNIps: reflected cross-site scripting vulnerabilities exist in version 3.49 and earlier. The root cause involves improper handling of user-supplied data, allowing a remote authenticated attacker to inject script via unspecified vectors, potentiall...
CVE-2020-5659
SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2020-5662
Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...
CVE-2020-5659
CVE-2020-5659 is a SQL injection vulnerability in XooNIps up to version 3.49 and earlier. The vulnerability allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. The root cause is inadequate validation of externally entered SQL statements in database-bas...
XooNIps Untrusted Data Deserialization Vulnerability
XooNIps is a neuroinformatics platform infrastructure system based on XOOPS. An untrusted data deserialization vulnerability exists in XooNIps 3.49 and earlier versions. A remote attacker could exploit this vulnerability to execute arbitrary code...
XooNIps cross-site scripting vulnerability (CNVD-2020-63979)
XooNIps is a neuroinformatics platform infrastructure system based on XOOPS. A stored cross-site scripting vulnerability exists in XooNIps 3.49 and earlier versions. A remote authenticated attacker can exploit this vulnerability to inject arbitrary scripts...
XooNIps Cross-Site Scripting Vulnerability (CNVD-2020-63192)
XooNIps is a content management system for the field of neuroscience by the XooNIps team in Japan. A cross-site scripting vulnerability exists in XooNIps version 3.49 and prior versions, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can explo...
XooNIps SQL Injection Vulnerability
XooNIps is a content management system for the field of neuroscience by the XooNIps team in Japan. A SQL injection vulnerability exists in XooNIps version 3.49 and earlier versions, which stems from a lack of validation of externally entered SQL statements in database-based applications. An...
Multiple vulnerabilities in XOOPS module "XooNIps"
Overview XOOPS module "XooNIps" contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2020-5659 Reflected cross-site scripting CWE-79 - CVE-2020-5662 Stored cross-site scripting CWE-79 - CVE-2020-5663 Deserialization of untrusted data CWE-502 - CVE-2020-5664 stypr of Flatt...
CVE-2020-5624
SQL injection vulnerability in the XooNIps 3.48 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2020-5625
Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2020-5625
Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...