VYPR
Unrated severityNVD Advisory· Published Aug 24, 2009· Updated Jun 16, 2026

CVE-2008-7036

CVE-2008-7036

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • Bcoos/Bcoos6 versions
    cpe:2.3:a:bcoos:bcoos:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:bcoos:bcoos:*:*:*:*:*:*:*:*range: <=1.1.11
    • cpe:2.3:a:bcoos:bcoos:1.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:bcoos:bcoos:1.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:bcoos:bcoos:1.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:bcoos:bcoos:1.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:bcoos:bcoos:1.0.9:*:*:*:*:*:*:*
  • Bcoos/Devtracker3 versions
    cpe:2.3:a:bcoos:devtracker:0.20:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:bcoos:devtracker:0.20:*:*:*:*:*:*:*
    • cpe:2.3:a:bcoos:devtracker:3.0:*:*:*:*:*:*:*
    • (no CPE)range: <=3.0
  • E Xoops/E Xoops6 versions
    cpe:2.3:a:e-xoops:e-xoops:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:e-xoops:e-xoops:*:*:*:*:*:*:*:*range: <=1.08
    • cpe:2.3:a:e-xoops:e-xoops:1.05:r3:*:*:*:*:*:*
    • cpe:2.3:a:e-xoops:e-xoops:1.05:rev1:*:*:*:*:*:*
    • cpe:2.3:a:e-xoops:e-xoops:1.05:rev2:*:*:*:*:*:*
    • cpe:2.3:a:e-xoops:e-xoops:1.05:rev3:*:*:*:*:*:*
    • (no CPE)range: <=0.20

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.