Description

Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlist.php in XOOPS 1.0 allows remote attackers to inject arbitrary web script or HTML via the newdownloadshowdays parameter.

Remediation

References

CVE-2006-5810

Related Vulnerabilities

MediaWiki CVE-2017-8812 Vulnerability (CVE-2017-8812)

WordPress 6.4.x Remote Code Execution (6.4 - 6.4.1)

MySQL CVE-2018-2778 Vulnerability (CVE-2018-2778)

WordPress Plugin Delete All Comments Easily Cross-Site Request Forgery (1.3)

WordPress Plugin Shipping Servientrega Woocommerce Arbitrary File Upload (2.0.3)

Severity

Medium

Classification

CVE-2006-5810

Tags

Missing Update Known Vulnerabilities