phpWebSite 0.7.3 fino 0.10.2 cross site scripting

voceeditHistoryDiffjsonxmlCTI

Un punto critico di livello problematico è stato rilevato in phpWebSite (Content Management System). Interessato da questa vulnerabilità è una funzione sconosciuta. L'aggiornamento alla versione 0.9.2.1 elimina questa vulnerabilità.

Campo23/03/2015 16:5013/02/2019 10:43
typeContent Management SystemContent Management System
namephpWebSitephpWebSite
version0.7.3/0.8.2/0.8.3/0.9.0/0.9.1/0.9.2/0.9.2.1/0.9.3/0.9.3.1/0.9.3.2/0.9.3.3/0.9.3.4/0.10/0.10.0/0.10.1/0.10.20.7.3/0.8.2/0.8.3/0.9.0/0.9.1/0.9.2/0.9.2.1/0.9.3/0.9.3.1/0.9.3.2/0.9.3.3/0.9.3.4/0.10/0.10.0/0.10.1/0.10.2
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore3.73.7
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.14.1
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.14.1
date1323302400 (08/12/2011)1323302400 (08/12/2011)
urlhttp://jvndb.jvn.jp/jvndb/JVNDB-2011-000103http://jvndb.jvn.jp/jvndb/JVNDB-2011-000103
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version0.9.2.10.9.2.1
cveCVE-2011-4265CVE-2011-4265
cve_nvd_published13233024001323302400
cve_nvd_summaryCross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cve_assigned1320192000

Might our Artificial Intelligence support you?

Check our Alexa App!