CVE-2003-1539

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

Ссылки

http://secunia.com/advisories/8257
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=144274
http://sourceforge.net/tracker/index.php?func=detail&aid=695597&group_id=60333&atid=493842
Exploit
http://www.securityfocus.com/bid/7035
Patch
http://secunia.com/advisories/8257
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=144274
http://sourceforge.net/tracker/index.php?func=detail&aid=695597&group_id=60333&atid=493842
Exploit
http://www.securityfocus.com/bid/7035
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:onedotoh:simple_file_manager:*:*:*:*:*:*:*:*

Версия до 0.19 (включая)

EPSS

Процентиль: 52%

0.00285

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-wq6q-8prg-h8xh

github

больше 3 лет назад