vs Rubedo vs Mambo vs Plone vs Typo3 vs Web GUI vs Wordpress vs Xoops.

For a larger list of CMS using PHP: It is a collaborative comparison table : feel free to update it.

Keep your website upto date and add new content at your convenience making your website attractive to users and search engines.

An example attack uses "into outfile" to create a backdoor program.

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/or the (2) current_file, (3) imgcat_id, or (4) target parameter to class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/

Modules exist that have been developed by an international community of developers, designers and fans and are able to handle most every task associated with the managing of web content and an online community.

The content management system renders easier and rapid management of your website information, letting you create, edit, and publish the contents on a website, without any technical programming skill what-so-ever.

Cross-site scripting (XSS) vulnerability in modules/system/in XOOPS 2.0.18.1 allows remote attackers to inject arbitrary web script or HTML via the fct parameter.

NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc.

(1) Back Pack 0.91 and earlier, (2) Bm Survey 0.84 and earlier, (3) newbb_fileup 1.83 and earlier, (4) News_embed (news_fileup) 1.44 and earlier, and (5) Popnup Blog 3.19 and earlier modules for XOOPS 2.0.x, XOOPS Cube 2.1, and Impress CMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

The first beta release of Impress CMS was introduced in January 2008 and Impress CMS 1.0 Final was published in March 2008, establishing its new identity apart from XOOPS and incorporating bug fixes, security enhancements and new features. Major changes were done to the core of the system, hence the longer development time.

This version introduced the Impress CMS Persistable Framework (IPF) in the core, the ‘Content’ core module was transformed into a stand-alone module, and the installation system had a substantial refresh.

Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter to include/formdhtmltextarea_or (2) img BBCODE tag within the message parameter to (aka Private Message).