XOOPS Security

XOOPS is an extensible, OO (Object Oriented), easy to use dynamic web content management system written in PHP. XOOPS is the ideal tool for developing small to large dynamic community websites, intra company portals, corporate portals, weblogs and much more. Read the All about XOOPS page for more details.

::DATE	-::DESCRIPTION	-::HITS				-::AUTHOR
2009-07-27	XOOPS Celepar Module Qas (bSQL/XSS) Multiple Remote Vulnerabilities	787	R		D	Moudi
2009-07-24	Xoops Celepar Module Qas (codigo) SQL Injection Vulnerability	1407	R		D	s4r4d0
2009-06-16	XOOPS <= 2.3.3 Remote File Disclosure Vulnerability (.htaccess)	3528	R		D	daath
2009-01-11	XOOPS Module tadbook2 (open_book.php book_sn) SQL Injection Vuln	2844	R		D	stylextra
2009-01-08	XOOPS 2.3.2 (mydirname) Remote PHP Code Execution Exploit	13368	R		D	StAkeR
2008-12-15	XOOPS Module Amevents (print.php id) SQL Injection Vulnerability	2868	R		D	nétRoot
2008-12-08	XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities	3285	R		D	DSecRG
2008-10-20	XOOPS Module makale Remote SQL Injection Vulnerability	4775	R		D	EcHoLL
2008-10-18	XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit	3963	R		D	EcHoLL
2008-10-14	XOOPS Module xhresim (index.php no) Remote SQL Injection Vuln	3962	R		D	EcHoLL
2008-06-08	XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability	3442	R		D	MEEKAAH
2008-04-19	XOOPS Module Recipe (detail.php id) SQL Injection Vulnerability	5867	R		D	S@BUN
2008-03-17	XOOPS Module Dictionary <= 0.94 Remote SQL Injection Vulnerability	6257	R		D	S@BUN
2008-03-12	XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability	3765	R		D	S@BUN
2008-03-12	XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability	5659	R		D	S@BUN
2008-03-12	XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability	5270	R		D	S@BUN
2008-03-06	XOOPS Module Glossario 2.2 (sid) Remote SQL Injection Vulnerability	5326	R		D	S@BUN
2008-03-06	XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability	6992	R		D	S@BUN
2008-02-19	XOOPS Module eEmpregos (cid) Remote SQL Injection Vulnerability	3319	R		D	S@BUN
2008-02-19	XOOPS Module classifieds (cid) Remote SQL Injection Vulnerability	4452	R		D	S@BUN
2008-02-18	XOOPS Module myTopics (articleid) Remote SQL Injection Vulnerability	4633	R		D	S@BUN
2008-02-04	XOOPS 2.0.18 Local File Inclusion / URL Redirecting Vulnerabilities	5871	R		D	DSecRG
2008-01-06	XOOPS mod_gallery Zend_Hash_key + Extract RFI Vulnerability	7227	R		D	Eugene Minaev
2007-06-20	XOOPS Module WiwiMod 0.4 Remote File Inclusion Vulnerability	8587	R		D	GoLd_M
2007-06-13	XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability	7349	R		D	Sp[L]o1T
2007-06-13	XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability	8631	R		D	g00ns
2007-06-13	XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability	8169	R		D	g00ns
2007-06-12	XOOPS Module Horoscope <= 2.0 Remote File Inclusion Vulnerability	7198	R		D	BeyazKurt
2007-06-01	XOOPS Module icontent 1.0/4.5 Remote File Inclusion Exploit	9651	R		D	GoLd_M
2007-05-15	XOOPS Module resmanager <= 1.21 BLIND SQL Injection Exploit	4588	R		D	ajann
2007-05-15	XOOPS Module Glossarie <= 1.7 (sid) Remote SQL Injection Exploit	4344	R		D	ajann
2007-05-15	XOOPS Module MyConference 1.0 (index.php) SQL Injection Exploit	5133	R		D	ajann
2007-05-06	XOOPS Module wfquotes 1.0 0 Remote SQL Injection Vulnerability	5444	R		D	xoron
2007-05-04	XOOPS Flashgames Module 1.0.1 Remote SQL Injection Vulnerability	5467	R		D	xoron
2007-04-16	XOOPS Module tsdisplay4xoops 0.1 Remote File Inclusion Vulnerability	6637	R		D	GoLd_M
2007-04-05	XOOPS Module WF-Links <= 1.03 (cid) Remote SQL Injection Exploit	4998	R		D	ajann
2007-04-05	XOOPS Module Jobs <= 2.4 (cid) Remote SQL Injection Exploit	5407	R		D	ajann
2007-04-04	XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit	4800	R		D	ajann
2007-04-04	XOOPS Module Rha7 Downloads 1.0 (visit.php) SQL Injection Exploit	5250	R		D	ajann
2007-04-03	XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit	4958	R		D	ajann
2007-04-02	XOOPS Module WF-Section <= 1.01 (articleid) SQL Injection Exploit	4252	R		D	ajann
2007-04-02	XOOPS Module XFsection <= 1.07 (articleid) BLIND SQL Injection Exploit	5124	R		D	ajann
2007-04-02	XOOPS Module Zmagazine 1.0 (print.php) Remote SQL Injection Exploit	4858	R		D	ajann
2007-04-01	XOOPS Module eCal <= 2.24 (display.php) Remote SQL Injection Exploit	3743	R		D	ajann
2007-04-01	XOOPS Module Tiny Event <= 1.01 (id) Remote SQL Injection Exploit	3454	R		D	ajann
2007-04-01	XOOPS Module Kshop <= 1.17 (id) Remote SQL Injection Exploit	4388	R		D	ajann
2007-04-01	XOOPS Module Camportail <= 1.1 (camid) Remote SQL Injection Exploit	3911	R		D	ajann
2007-04-01	XOOPS Module debaser <= 0.92 (genre.php) BLIND SQL Injection Exploit	4583	R		D	ajann
2007-04-01	XOOPS Module myAlbum-P <= 2.0 (cid) Remote SQL Injection Exploit	5122	R		D	ajann
2007-04-01	XOOPS Module RM+Soft Gallery 1.0 BLIND SQL Injection Exploit	4579	R		D	ajann
2007-03-31	XOOPS Module Lykos Reviews 1.00 (index.php) SQL Injection Exploit	4287	R		D	ajann
2007-03-31	XOOPS Module Library (viewcat.php) Remote SQL Injection Exploit	4494	R		D	ajann
2007-03-31	XOOPS Module Core (viewcat.php) Remote SQL Injection Exploit	4836	R		D	ajann
2007-03-31	XOOPS Module Tutoriais (viewcat.php) Remote SQL Injection Exploit	5325	R		D	ajann
2007-03-30	XOOPS Module Repository (viewcat.php) Remote SQL Injection Exploit	4194	R		D	ajann
2007-03-29	XOOPS Module MyAds Bug Fix <= 2.04jp (index.php) SQL Injection Exploit	4946	R		D	ajann
2007-03-28	XOOPS module Articles <= 1.03 (index.php cat_id) SQL Injection Exploit	5176	R		D	ajann
2007-03-28	XOOPS Module Friendfinder <= 3.3 (view.php id) SQL Injection Exploit	4512	R		D	ajann
2007-03-27	XOOPS module Articles <= 1.02 (print.php id) SQL Injection Exploit	7117	R		D	WiLdBoY
2006-06-28	XOOPS myAds Module (lid) Remote SQL Injection Vulnerability	8470	R		D	KeyCoder
2006-05-21	XOOPS <= 2.0.13.2 xoopsOption[nocommon] Remote Exploit	12682	R		D	rgod
2005-11-12	XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit	10965	R		D	rgod
2005-07-04	XOOPS <= 2.0.11 xmlrpc.php SQL Injection Exploit	14075	R	M	D	RusH