Browse all 5 CVE security advisories affecting Xooscripts. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xooscripts is a web application framework primarily used for building dynamic websites and content management systems. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The framework's security record includes five CVEs, with several instances allowing unauthorized access or system compromise. Notable characteristics include its modular architecture which, while flexible, has introduced security challenges through component interactions. The platform's widespread adoption in small to medium businesses has made it a target for opportunistic attacks, though no major public breaches have been definitively linked to its vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25524 | XooGallery Lastest Latest SQL Injection via results.php — XooGalleryCWE-89 | 8.2 | High | 2026-03-12 |
| CVE-2019-25522 | XooGallery Lastest Latest Multiple SQL Injections via photo.php — XooGalleryCWE-89 | 8.2 | High | 2026-03-12 |
| CVE-2019-25523 | XooGallery Lastest Latest SQL Injection via cat.php — XooGalleryCWE-89 | 8.2 | High | 2026-03-12 |
| CVE-2019-25521 | XooGallery Lastest Latest SQL Injection via gal.php gal_id — XooGalleryCWE-89 | 8.2 | High | 2026-03-12 |
| CVE-2019-25509 | XooDigital Lastest Latest SQL Injection via results.php — XooDigitalCWE-89 | 8.2 | High | 2026-03-12 |
This page lists every published CVE security advisory associated with Xooscripts. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.