CVE Vulnerabilities

CVE-2004-1640

Published: Aug 28, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php.

Affected Software

Name Vendor Start Version End Version
Xoops_dictionary Xoops 0.94 0.94
Xoops_dictionary Xoops 1.0 1.0

References