Vendor Dictionary: Xoops

Xoops

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	[None Entered]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]
Full Details...

Vulnerabilities by Vendor Product

Xoops

Xoops

Xoops Dictionary Module: 1.0; OSVDB ID: 9393 XOOPS Dictionary Module search.php terme Parameter XSS; OSVDB ID: 9394 XOOPS Dictionary Module letter.php letter Parameter XSS

WF-Downloads Module: 2.05; OSVDB ID: 20852 XOOPS WF-Downloads Module viewcat.php list Parameter SQL Injection

Portal: 1.3.x; OSVDB ID: 2422 XOOPS BBCode HTML Tags textsanitizer.php XSS; 2.0; OSVDB ID: 2422 XOOPS BBCode HTML Tags textsanitizer.php XSS; 2.0.1; OSVDB ID: 2422 XOOPS BBCode HTML Tags textsanitizer.php XSS

Xoops: 1.3.x; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.0; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.1; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.2; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.3; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.4; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.5; OSVDB ID: 2927 XOOPS banners.php cid Parameter SQL Injection; OSVDB ID: 4596 XOOPS edituser.php SQL Injection; OSVDB ID: 4597 XOOPS imagemanager.php SQL Injection; 2.0.5.1; OSVDB ID: 3136 XOOPS myheader.php URL Parameter XSS; 2.0.13; OSVDB ID: 17793 XML-RPC for PHP (PHPXMLRPC) parseRequest() Function Arbitrary PHP Code Execution; 2.0.13.2; OSVDB ID: 25683 XOOPS xoopsConfig Variable Overwrite Arbitrary Local File Inclusion; 2.2.1; OSVDB ID: 18984 XOOPS Multiple Script Path Disclosure; 2.0.14; OSVDB ID: 28265 XOOPS edituser.php user_avatar Parameter SQL Injection; 2.3.3; OSVDB ID: 56638 XOOPS modules/pm/viewpmsg.php op Parameter XSS; RC1.0; OSVDB ID: 9287 XOOPS Private Message System Private Message Multiple Field XSS; OSVDB ID: 9288 XOOPS Private Message System pmlite.php Image Field Parameter XSS; 2.5.0; OSVDB ID: 71228 XOOPS /modules/system/admin.php Multiple Parameter XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.