CVE-2010-2258

Опубликовано: 09 июн. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows remote attackers to inject arbitrary web script or HTML via the bannerurl parameter.

Ссылки

http://osvdb.org/61446
Broken Link
http://packetstormsecurity.org/1001-exploits/phpbannerexchange-xss.txt
Third Party Advisory
http://secunia.com/advisories/38022
Third Party Advisory
http://osvdb.org/61446
Broken Link
http://packetstormsecurity.org/1001-exploits/phpbannerexchange-xss.txt
Third Party Advisory
http://secunia.com/advisories/38022
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpbannerexchange_project:phpbannerexchange:1.2:*:*:ar:*:*:*:*

EPSS

Процентиль: 51%

0.00282

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-hqxj-h2gh-2rq4

github

больше 3 лет назад