Shodan
Vulnerabilities
Vulnerable Software
Xoops:  >> Xoops  >> 2.5.10  Security Vulnerabilities
CVE-2008-5768
SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-12-30
CVE-2008-5665
SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-12-19
CVE-2008-5321
SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-12-03
CVE-2008-4653
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-10-22
CVE-2008-4635
Unspecified vulnerability in Hisanaga Electric Co, Ltd. hisa_cart 1.29 and earlier, a module for XOOPS, allows remote attackers to obtain sensitive user information via unknown vectors.
CVSS Score
5.0
EPSS Score
0.006
Published
2008-10-21
CVE-2008-4432
Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter.
CVSS Score
4.3
EPSS Score
0.01
Published
2008-10-03
CVE-2008-4433
SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-10-03
CVE-2008-4435
Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Downloads Plus (rmdp) module 1.5 and 1.7 for Xoops allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to search.php and the (2) id parameter to down.php.
CVSS Score
4.3
EPSS Score
0.001
Published
2008-10-03
CVE-2008-4053
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the Bluemoon PopnupBLOG module 3.20 and 3.30 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the (1) param, (2) cat_id, and (3) view parameters.
CVSS Score
4.3
EPSS Score
0.002
Published
2008-09-11
CVE-2008-0611
SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved