CVE-2008-2186

Опубликовано: 13 мая 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

Ссылки

http://marc.info/?l=bugtraq&m=120975560407192&w=2
http://secunia.com/advisories/30080
Vendor Advisory
http://www.bugreport.ir/index_59.htm
http://www.osvdb.org/44809
http://www.securityfocus.com/archive/1/499458/100/0/threaded
http://www.securityfocus.com/archive/1/499459/100/0/threaded
http://www.securityfocus.com/bid/29025
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/42156
https://www.exploit-db.com/exploits/7532
http://marc.info/?l=bugtraq&m=120975560407192&w=2
http://secunia.com/advisories/30080
Vendor Advisory
http://www.bugreport.ir/index_59.htm
http://www.osvdb.org/44809
http://www.securityfocus.com/archive/1/499458/100/0/threaded
http://www.securityfocus.com/archive/1/499459/100/0/threaded
http://www.securityfocus.com/bid/29025
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/42156
https://www.exploit-db.com/exploits/7532

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cilekyazilim:chicomas:2.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08609

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5h5p-987h-5vj4

github

почти 4 года назад