6.2 Medium
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.015 Low
EPSS
Percentile
86.6%
Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
lists.mysql.com/eventum-users/2072
marc.info/?l=bugtraq&m=112292193807958&w=2
secunia.com/advisories/16304
securitytracker.com/id?1014603
www.gulftech.org/?node=research&article_id=00093-07312005
www.osvdb.org/18400
www.osvdb.org/18401
www.osvdb.org/18402
www.securityfocus.com/bid/14436
www.vupen.com/english/advisories/2005/1287