1341 matches found
XOOPS Core 2.5.8 - Open Redirect
XOOPS Core 2.5.8 contains an open redirect vulnerability in /modules/profile/index.php due to the URL filter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-12138 info: name: XOOPS Co...
CVE-2019-25433
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...
CVE-2019-25433
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...
CVE-2019-25433 XOOPS CMS 2.5.9 SQL Injection via gerar_pdf.php
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...
CVE-2019-25433
XOOPS CMS 2.5.9 contains an SQL injection in gerar_pdf.php via the cid parameter that allows unauthenticated attackers to manipulate database queries and extract sensitive information. The vulnerability is triggered by special cid values in GET requests. Affected component: gerar_pdf.php in XOOPS...
CVE-2019-25433
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...
CVE-2019-25433 XOOPS CMS 2.5.9 SQL Injection via gerar_pdf.php
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerarpdf.php endpoint with malicious cid values to extract sensitive database...
PT-2026-21439
XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the gerar pdf.php endpoint with malicious cid values to extract sensitive database...
XOOPS CMS SQL注入漏洞
XOOPS CMS is a modular content management system developed by the XOOPS company. Version XOOPS CMS 2.5.9 has a SQL injection vulnerability. This vulnerability stems from the cid parameter being susceptible to SQL injections, which may allow unverified attackers to manipulate database queries...
CVE-2009-4714
Cross-site scripting XSS vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to cadastrousuario.php...
CVE-2009-4851
The activation resend function in the Profiles module in XOOPS before 2.4.1 sends activation codes in response to arbitrary activation requests, which allows remote attackers to bypass administrative approval via a request involving activate.php...
CVE-2008-6885
Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...
CVE-2019-16684
An issue was discovered in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes...
EUVD-2009-4328
Malware in sbrugna...
EUVD-2008-0621
Malware in sbrugna...
EUVD-2009-4548
Malware in sbrugna...
EUVD-2005-2113
Malware in sbrugna...
EUVD-2007-1808
Malware in sbrugna...
EUVD-2014-8825
Malware in sbrugna...
EUVD-2007-1801
Malware in sbrugna...