Description
Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlist.php in XOOPS 1.0 allows remote attackers to inject arbitrary web script or HTML via the newdownloadshowdays parameter.
Remediation
References
Related Vulnerabilities
MediaWiki CVE-2017-8812 Vulnerability (CVE-2017-8812)
WordPress 6.4.x Remote Code Execution (6.4 - 6.4.1)
MySQL CVE-2018-2778 Vulnerability (CVE-2018-2778)
WordPress Plugin Delete All Comments Easily Cross-Site Request Forgery (1.3)
WordPress Plugin Shipping Servientrega Woocommerce Arbitrary File Upload (2.0.3)