myBloggie login.php PATH_INFO cross site scripting

artículoeditHistoryDiffjsonxmlCTI

Una vulnerabilidad clasificada como problemática fue encontrada en myBloggie. Una función desconocida del archivo login.php es afectada por esta vulnerabilidad. No hay información respecto a posibles contramedidas. Se sugiere sustituir el producto con un equivalente.

Campo2016-05-08 21:412018-12-25 11:27
namemyBloggiemyBloggie
filelogin.phplogin.php
argumentPATH_INFOPATH_INFO
cvss2_vuldb_basescore3.53.5
cvss2_vuldb_tempscore3.23.2
cvss3_meta_basescore3.53.5
cvss3_meta_tempscore3.33.3
cvss3_vuldb_basescore3.53.5
cvss3_vuldb_tempscore3.33.3
date1169027319 (2007-01-17)1169027319 (2007-01-17)
urlhttp://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.htmlhttp://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.html
availability11
publicity11
price_0day$0-$5k$0-$5k
osvdb3293032930
osvdb_create11691136731169113673
osvdb_titlemyBloggie login.php PATH_INFO Parameter XSSmyBloggie login.php PATH_INFO Parameter XSS
secunia2381823818
secunia_date1169078400 (2007-01-18)1169078400 (2007-01-18)
secunia_titlemyBloggie Two Cross-Site Scripting VulnerabilitiesmyBloggie Two Cross-Site Scripting Vulnerabilities
secunia_riskLess CriticalLess Critical
securityfocus2209722097
securityfocus_date1168992000 (2007-01-17)1168992000 (2007-01-17)
securityfocus_classInput Validation ErrorInput Validation Error
securityfocus_titleMyBloggie Multiple Cross-Site Scripting VulnerabilitiesMyBloggie Multiple Cross-Site Scripting Vulnerabilities
xforce3155431554
seealso3449934499
cwe80 (cross site scripting)80 (cross site scripting)
risk11
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_ePP
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss2_vuldb_auSS
cvss3_vuldb_prLL
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
person_nicknameCorryL
urlhttp://www.securityfocus.com/data/vulnerabilities/exploits/22097.html

Do you need the next level of professionalism?

Upgrade your account now!