Description
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote attackers to inject arbitrary web script or HTML via the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Coming Soon Cross-Site Scripting (1.8.1)
Oracle Database Server CVE-2011-0879 Vulnerability (CVE-2011-0879)
WordPress Plugin User Avatar TimThumb Arbitrary File Upload (1.3.7)
WordPress Plugin WP Google Maps Multiple Cross-Site Scripting Vulnerabilities (6.0.26)
WordPress Plugin WooCommerce Product Vendors Cross-Site Scripting (2.0.35)