Layton Technology Helpbox 4.4.0 writesolutionuser.asp sys_solution_id cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as problematic has been found in Layton Technology Helpbox 4.4.0. Affected is an unknown code block of the file writesolutionuser.asp. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/24/2015 12:22 PM02/24/2019 10:06 AM
vendorLayton TechnologyLayton Technology
nameHelpboxHelpbox
version4.4.04.4.0
filewritesolutionuser.aspwritesolutionuser.asp
argumentsys_solution_idsys_solution_id
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore4.34.3
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.34.3
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.34.3
date1355270400 (12/12/2012)1355270400 (12/12/2012)
price_0day$0-$5k$0-$5k
cveCVE-2012-4972CVE-2012-4972
cve_nvd_published13552704001355270400
cve_nvd_summaryMultiple cross-site scripting (XSS) vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sys_solution_id, (2) sys_requesttype_id, (3) sys_problem_desc, (4) sys_solution_desc, (5) sys_problemsummary, (6) usr_Action_testing, (7) usr_Escalation, or (8) usr_Additional_Resources parameter to writesolutionuser.asp or the (9) sys_solution_id parameter to deletesolution.asp.Multiple cross-site scripting (XSS) vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sys_solution_id, (2) sys_requesttype_id, (3) sys_problem_desc, (4) sys_solution_desc, (5) sys_problemsummary, (6) usr_Action_testing, (7) usr_Escalation, or (8) usr_Additional_Resources parameter to writesolutionuser.asp or the (9) sys_solution_id parameter to deletesolution.asp.
xforce7965879658
seealso63184 63183 63182 63181 6317963184 63183 63182 63181 63179
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
urlhttp://xforce.iss.net/xforce/xfdb/79658
cve_assigned1348012800

Interested in the pricing of exploits?

See the underground prices here!