CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1640

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://cyruxnet.org/modulo_dic_xoops.htm
http://marc.info/?l=bugtraq&m=109394077209963&w=2
http://secunia.com/advisories/12424
http://www.osvdb.org/9393
http://www.osvdb.org/9394
http://www.securityfocus.com/bid/11064
https://exchange.xforce.ibmcloud.com/vulnerabilities/17152
https://exchange.xforce.ibmcloud.com/vulnerabilities/17154
http://cyruxnet.org/modulo_dic_xoops.htm
http://marc.info/?l=bugtraq&m=109394077209963&w=2
http://secunia.com/advisories/12424
http://www.osvdb.org/9393
http://www.osvdb.org/9394
http://www.securityfocus.com/bid/11064
https://exchange.xforce.ibmcloud.com/vulnerabilities/17152
https://exchange.xforce.ibmcloud.com/vulnerabilities/17154

Products affected by CVE-2004-1640

Xoops » Xoops Dictionary » Version: 0.94

cpe:2.3:a:xoops:xoops_dictionary:0.94
Xoops » Xoops Dictionary » Version: 1.0

cpe:2.3:a:xoops:xoops_dictionary:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1640

Products

Pricing

Contact Us