Lucene search

[email protected]CVE-2008-2127

HistoryMay 09, 2008 - 6:20 p.m.

CVE-2008-2127

2008-05-0918:20:00

CWE-79

[email protected]

web.nvd.nist.gov

cve

2008

2127

xss

vulnerability

faethon

2.2

ultimate

web script

html

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.1%

JSON

Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote attackers to inject arbitrary web script or HTML via the what parameter. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
cms_faethon:cms_faethoncms faethoneq2.2_ultimate

CPE	Name	Operator	Version
cms_faethon:cms_faethon	cms faethon	eq	2.2_ultimate

References

secunia.com/advisories/30098

www.securityfocus.com/bid/29099

exchange.xforce.ibmcloud.com/vulnerabilities/42258

www.exploit-db.com/exploits/5558

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.1%

JSON

Related for CVE-2008-2127

cvelist1 prion1