Nooms : Security Vulnerabilities, CVEs, CVSS score >= 1

CVE-2008-4180

Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
Max CVSS
5.0
EPSS Score
0.33%
Published
2008-09-23
Updated
2018-10-11

CVE-2008-4179

Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) page_id parameter to smileys.php and the (2) q parameter to search.php.
Max CVSS
4.3
EPSS Score
0.27%
Published
2008-09-23
Updated
2018-10-11

CVE-2008-4162

Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter.
Max CVSS
4.3
EPSS Score
0.30%
Published
2008-09-22
Updated
2018-10-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close