phpWebSite up to 0.10.2 cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in phpWebSite (Content Management System) and classified as problematic. Affected by this vulnerability is an unknown part. Upgrading to version 0.9.2.1 eliminates this vulnerability.

Field03/23/2015 04:50 PM02/13/2019 10:43 AM
typeContent Management SystemContent Management System
namephpWebSitephpWebSite
version0.7.3/0.8.2/0.8.3/0.9.0/0.9.1/0.9.2/0.9.2.1/0.9.3/0.9.3.1/0.9.3.2/0.9.3.3/0.9.3.4/0.10/0.10.0/0.10.1/0.10.20.7.3/0.8.2/0.8.3/0.9.0/0.9.1/0.9.2/0.9.2.1/0.9.3/0.9.3.1/0.9.3.2/0.9.3.3/0.9.3.4/0.10/0.10.0/0.10.1/0.10.2
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore3.73.7
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.14.1
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.14.1
date1323302400 (12/08/2011)1323302400 (12/08/2011)
urlhttp://jvndb.jvn.jp/jvndb/JVNDB-2011-000103http://jvndb.jvn.jp/jvndb/JVNDB-2011-000103
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version0.9.2.10.9.2.1
cveCVE-2011-4265CVE-2011-4265
cve_nvd_published13233024001323302400
cve_nvd_summaryCross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cve_assigned1320192000

Do you want to use VulDB in your project?

Use the official API to access entries easily!