Shodan
Vulnerabilities
Vulnerable Software
Xoops:  Security Vulnerabilities
CVE-2008-1351
SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-03-17
CVE-2008-1063
Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.
CVSS Score
4.3
EPSS Score
0.002
Published
2008-02-28
CVE-2008-1064
Cross-site scripting (XSS) vulnerability in images.php in the Red Mexico RMSOFT Gallery System (GS) 2.0 module (aka rmgs) for XOOPS allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVSS Score
4.3
EPSS Score
0.002
Published
2008-02-28
CVE-2008-1065
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
7.5
EPSS Score
0.004
Published
2008-02-28
CVE-2008-0936
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-02-25
CVE-2008-0937
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
CVSS Score
6.8
EPSS Score
0.002
Published
2008-02-25
CVE-2008-0874
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-02-21
CVE-2008-0847
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-02-21
CVE-2008-0611
SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-02-06
CVE-2008-0612
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVSS Score
7.5
EPSS Score
0.04
Published
2008-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved