Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0613)