CVE-2008-1063

XM-Memberstats < unknown - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.

References (2)

[Exploit] http://www.xssing.com/index.php?x=3&y=12

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/41001

Scores

EPSS 0.0022

EPSS Percentile 45.0%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

xoops/xm-memberstats

Timeline

Published Feb 28, 2008

Tracked Since Feb 18, 2026