Vulnerabilities (CVE)

Filtered by vendor Xoops Subscribe
Filtered by product Xoops Dictionary
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4582 1 Xoops 1 Xoops Dictionary 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2004-1640 1 Xoops 1 Xoops Dictionary 2024-11-20 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php.