ID CVE-2008-3560Type cveReporter NVDModified 2017-08-07T21:31:59
Description
Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter.
{"id": "CVE-2008-3560", "bulletinFamily": "NVD", "title": "CVE-2008-3560", "description": "Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter.", "published": "2008-08-08T15:41:00", "modified": "2017-08-07T21:31:59", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3560", "reporter": "NVD", "references": ["http://lostmon.blogspot.com/2008/08/kshop-module-search-variable-and-field.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/44261", "http://downloads.securityfocus.com/vulnerabilities/exploits/30576.html", "http://www.securityfocus.com/bid/30576"], "cvelist": ["CVE-2008-3560"], "type": "cve", "lastseen": "2017-08-08T11:24:50", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:xoops:kshop_module:2.22"], "cvelist": ["CVE-2008-3560"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter.", "edition": 1, "enchantments": {}, "hash": "db330daf5a5240bad0eda128618906874e11153b571283f9895d7f93c1d14347", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "448975d91212da3c7da6ad83d34e5dc5", "key": "modified"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "648d20fe5bf7ea91b95219d5a856cb47", "key": "description"}, {"hash": "9278431577c090cd888887748b035e2a", "key": "published"}, {"hash": "068804a6db7bf59332d25cfeae70704b", "key": "cpe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "334880febe00a7b0972dfd3f2837d037", "key": "title"}, {"hash": "12b9016d7e5e95e1b93ef3b91b018f0a", "key": "cvelist"}, {"hash": "02edb978988134fa9ca90b5989d1130f", "key": "references"}, {"hash": "1c517178929d291653bb2658667fdb8b", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3560", "id": "CVE-2008-3560", "lastseen": "2016-09-03T10:53:04", "modified": "2009-03-18T01:40:43", "objectVersion": "1.2", "published": "2008-08-08T15:41:00", "references": ["http://lostmon.blogspot.com/2008/08/kshop-module-search-variable-and-field.html", "http://downloads.securityfocus.com/vulnerabilities/exploits/30576.html", "http://xforce.iss.net/xforce/xfdb/44261", "http://www.securityfocus.com/bid/30576"], "reporter": "NVD", "scanner": [], "title": "CVE-2008-3560", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T10:53:04"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "068804a6db7bf59332d25cfeae70704b"}, {"key": "cvelist", "hash": "12b9016d7e5e95e1b93ef3b91b018f0a"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "648d20fe5bf7ea91b95219d5a856cb47"}, {"key": "href", "hash": "1c517178929d291653bb2658667fdb8b"}, {"key": "modified", "hash": "dfd42237717ec835fea91c0b14911184"}, {"key": "published", "hash": "9278431577c090cd888887748b035e2a"}, {"key": "references", "hash": "8e7258371dd73d75690dc28bcd53d174"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "334880febe00a7b0972dfd3f2837d037"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "f274c67f18accc950c91433b35c10021b8b2481db71b32bd776f9937ee41fbec", "viewCount": 0, "enchantments": {"vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:xoops:kshop_module:2.22"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"exploitdb": [{"id": "EDB-ID:32190", "type": "exploitdb", "title": "Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting Vulnerability", "description": "Kshop 2.22 'kshop_search.php' Cross-Site Scripting Vulnerability. CVE-2008-3560. Webapps exploit for php platform", "published": "2008-08-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/32190/", "cvelist": ["CVE-2008-3560"], "lastseen": "2016-02-03T16:23:36"}]}}
