Xoops Security Vulnerabilities and Issues — Xoops CVE List

Lucene search

XoopsXoops

2 matches found

CVE•added 2014/09/11 2:16 p.m.•48 views

CVE-2012-0984

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/pmlite.php or the (2) current_file, (3) imgcat_id, or (4) target parameter to class/xoopseditor/tinymce/tinymce/jscri...

4.3CVSS5.7AI score0.15659EPSS

CVE•added 2014/11/20 1:55 p.m.•36 views

CVE-2014-8999

SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter.

6.5CVSS8.2AI score0.00308EPSS