Lucene search

[email protected]CVE-2003-1539

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2003-1539

2022-10-0316:15:41

CWE-79

[email protected]

web.nvd.nist.gov

cve-2003-1539

xss

vulnerability

onedotoh

simple file manager

sfm

remote attackers

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.5%

JSON

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

Affected configurations

NVD

Node

onedotohsimple_file_managerRange≤0.19

CPENameOperatorVersion
onedotoh:simple_file_manageronedotoh simple file managerle0.19

CPE	Name	Operator	Version
onedotoh:simple_file_manager	onedotoh simple file manager	le	0.19

References

secunia.com/advisories/8257

sourceforge.net/project/shownotes.php?release_id=144274

sourceforge.net/tracker/index.php?func=detail&aid=695597&group_id=60333&atid=493842

www.securityfocus.com/bid/7035

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.5%

JSON

Related for CVE-2003-1539

cvelist1 nessus1 nvd1