CVE-2004-1640 — MEDIUM severity vulnerability (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS)
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php.
| CVE ID | CVE-2004-1640 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 4.3 |
| CVSS vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2004-08-28 |
| Last modified | 2026-04-16 |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →