QwikSec

Security Database

CVE

CWE

Training

CVE-2008-7036

Published: Aug 24, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

devtracker-index-xss(40306)

vdb-entry

x_refsource_XF

http://lostmon.blogspot.com/2008/02/bcoos-and-e-xoops-devtracker-module-two.html

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.