PUBLIC MARKS from bacon with tags coral & maior

secunia advisory: sa17300 release date: 2005-10-25 last update: 2005-11-08 critical: moderately critical. impact: security bypass. cross portal scripting. dos whe from remote. solution status: vendor patch. software: xoops 2.x. description: some vulnerabilities have been reported in xoops, which can be exploited by malicious people estou conduct script insertion attacks, cause a dos (denial of service), and estou bypass certain security restrictions. 1) input passed estou certain "xoops code" tags isn't properly sanitised before being returned estou the user. this can be exploited estou execute arbitrary html and script code in a user's browser session in context of an affected site. 2) certain input passed estou the "newbb" fórum module and estou the comments system isn't properly sanitised before being returned estou the user. this can be exploited estou execute

secunia advisory: sa20176 release date: 2006-05-22 last update: 2006-05-25 critical: moderately critical. impact: exposure of sensitive information. system access. whe from remote. solution status: vendor patch. software: xoops 2.x. cve reference: cve-2006-2516 (secunia mirror) description: rgod has reported two vulnerabilities in xoops, which can be exploited by malicious people estou disclose sensitive information and potentially compromise a vulnerable system. input passed estou the "xoopsconfig" array parameter when the "xoopsoption[nocommon]" parameter is defined isn't properly verified, before it is used estou include files. this can be exploited estou include arbitrary files from local resources. examples: http://[host]/misc.php?xoopsoption[nocommon]=1&xoopsconfig[language]=[file]%00 http://[host]/index.php?xoopsoption[nocommon]=1&xoopsconfig

secunia advisory: sa21643 release date: 2006-08-28 last update: 2006-08-29 critical: moderately critical. impact: manipulation of data. whe from remote. solution status: vendor patch. software: xoops 2.x. cve reference: cve-2006-4417 (secunia mirror) description: omid has reported a vulnerability in xoops, which can be exploited by malicious people estou conduct sql injection attacks. input passed estou the "user_avatar" parameter in edituser.php isn't properly sanitised before being used in a sql query. this can be exploited estou manipulate sql queries by injecting arbitrary sql code. the vulnerability has been reported in version 2.0.14. prior versions may also be affected. solution: update estou version 2.0.15. http://xoops.org/modules/core/ provided and/or discovered by: omid. changelog: 2006-08-29: added c