PT-2008-2238 · Xoops · Xoops
Alexandr Polyakov
+1
·
Published
2008-02-06
·
Updated
2018-10-15
·
CVE-2008-0613
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
XOOPS version 2.0.18
Description
The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This is achieved via a URL in the
xoops redirect parameter in the htdocs/user.php file.Recommendations
For XOOPS version 2.0.18, update to a version that fixes this issue to prevent remote attackers from redirecting users to arbitrary web sites.
Exploit
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xoops