Xoops

xoops

Vendor: Xoops • 43 CVEs

CVEs (43)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-1802 1Xoops 1Xoops Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news.
CVE-2002-0217 1Xoops 1Xoops Apr 16, 2026 May 16, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the ima...Show more Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.Show less
CVE-2002-0216 1Xoops 1Xoops Apr 16, 2026 May 16, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter.