Cross-Site Scripting Vulnerability in XOOPS by XOOPS Foundation
CVE-2008-3295

Currently unrated

Key Information:

Vendor: Xoops
Status: Xoops
Vendor: CVE Published:; 25 July 2008

What is CVE-2008-3295?

A Cross-Site Scripting (XSS) vulnerability exists in the admin.php module of XOOPS version 2.0.18.1, enabling remote attackers to inject unauthorized web scripts or HTML via the 'fct' parameter. This flaw potentially allows attackers to manipulate the behavior of the application, leading to unauthorized actions or data exposure when an unsuspecting user interacts with the compromised interface. Proper input validation and sanitization measures should be implemented to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/30330

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/43965

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jul 25, 2008
Vulnerability Reserved
Jul 25, 2008

JSON

Xoops

What is CVE-2008-3295?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.