Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2008-7036

Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2008-7036
  • Bcoos » Bcoos » Version: Any
    cpe:2.3:a:bcoos:bcoos:*
  • Bcoos » Bcoos » Version: 1.0.10
    cpe:2.3:a:bcoos:bcoos:1.0.10
  • Bcoos » Bcoos » Version: 1.0.11
    cpe:2.3:a:bcoos:bcoos:1.0.11
  • Bcoos » Bcoos » Version: 1.0.12
    cpe:2.3:a:bcoos:bcoos:1.0.12
  • Bcoos » Bcoos » Version: 1.0.13
    cpe:2.3:a:bcoos:bcoos:1.0.13
  • Bcoos » Bcoos » Version: 1.0.9
    cpe:2.3:a:bcoos:bcoos:1.0.9
  • Bcoos » Devtracker » Version: 0.20
    cpe:2.3:a:bcoos:devtracker:0.20
  • Bcoos » Devtracker » Version: 3.0
    cpe:2.3:a:bcoos:devtracker:3.0
  • E-Xoops » E-Xoops » Version: Any
    cpe:2.3:a:e-xoops:e-xoops:*
  • E-Xoops » E-Xoops » Version: 1.05
    cpe:2.3:a:e-xoops:e-xoops:1.05


Contact Us

Shodan ® - All rights reserved