header-logo
Suggest Exploit
vendor:
XOOPS
by:
SecurityFocus
4.3
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: XOOPS
Affected Version From: 2
Affected Version To: 2
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

XOOPS Information Disclosure Vulnerability

XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system.

Mitigation:

Ensure that error messages do not contain sensitive information.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7149/info

XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system. This vulnerability was reported to affect XOOPS version 2.0. It is not currently known if other versions are affected.

http://www.example.com/index.php?xoopsOption=any_word

Navigation

Suggest Exploit

Services By CQR