• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

XOOPS 'b_system_comments_show' Information Disclosure Vulnerability

Bugtraq ID:	27135
Class:	Access Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 04 2008 12:00AM
Updated:	Jan 04 2008 06:59PM
Credit:	InstantZero is credited with the discovery of this vulnerability.
Vulnerable:	Xoops Xoops 2.0.17 1 Xoops Xoops 2.0.15 Xoops Xoops 2.0.14 Xoops Xoops 2.0.13 .2 Xoops Xoops 2.0.13 .1 Xoops Xoops 2.0.12 a Xoops Xoops 2.0.12 Xoops Xoops 2.0.11 Xoops Xoops 2.0.10 Xoops Xoops 2.0.9 .3 Xoops Xoops 2.0.9 .2 Xoops Xoops 2.0.5 .2 Xoops Xoops 2.0.5 .1 Xoops Xoops 2.0.5 Xoops Xoops 2.0.3 Xoops Xoops 2.0.2 Xoops Xoops 2.0.1 Xoops Xoops 2.0 Xoops Xoops 1.3.10 Xoops Xoops 1.3.9 Xoops Xoops 1.3.8 Xoops Xoops 1.3.7 Xoops Xoops 1.3.6 Xoops Xoops 1.3.5 Xoops Xoops 1.0 RC1 Xoops Xoops 1.0 RC3.0.5 Xoops Xoops 1.0 RC3 Xoops Xoops 2.0.16 core Xoops Xoops 1.0
Not Vulnerable:	Xoops Xoops 2.0.18