Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

XOOPS

Xoops is an easy to use dynamic web content management system written in PHP. XOOPS is an acronym of eXtensible Object Oriented Portal System. Though started as a portal system XOOPS is in fact striving steadily on the track of Content Management System. It can serve as a web framework for use by small medium and large sites.

Official Site:

https://xoops.org/

Severity Summary:

Critical: 2 High: 11 Medium: 23
Reference
Title
Severity
CVE-2023-36217
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2017-11174
XOOPS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2008-3296
XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2008-0612
XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2008-4433
XOOPS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2008-5665
XOOPS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2007-0377
XOOPS Other Vulnerability
High
CVE-2009-3963
XOOPS Vulnerability
High
CVE-2008-0611
XOOPS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2005-2113
XOOPS Other Vulnerability
High
CVE-2005-0743
XOOPS Other Vulnerability
High
CVE-2017-7290
XOOPS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2002-2391
XOOPS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2005-2112
XOOPS Other Vulnerability
Medium
CVE-2006-2516
XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2006-5810
XOOPS Other Vulnerability
Medium
CVE-2004-2756
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0613
XOOPS Improper Link Resolution Before File Access (Link Following) Vulnerability
Medium
CVE-2003-1453
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2005-3680
XOOPS Other Vulnerability
Medium
CVE-2019-16684
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-2035
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-3295
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16683
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-4435
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-6884
XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2008-6885
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-2783
XOOPS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-4851
XOOPS Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2011-3822
XOOPS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium