Lucene search

MitreCVE-2008-3587

HistoryAug 11, 2008 - 11:41 p.m.

CVE-2008-3587

2008-08-1123:41:00

CWE-79

mitre

web.nvd.nist.gov

cve-2008-3587

cross-site scripting

xss

vulnerability

result.php

chris bunting homes 4 sale

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Cross-site scripting (XSS) vulnerability in result.php in Chris Bunting Homes 4 Sale allows remote attackers to inject arbitrary web script or HTML via the r parameter.

Affected configurations

Nvd

Node

needscriptshomes_4_sale

VendorProductVersionCPE
needscriptshomes_4_sale*cpe:2.3:a:needscripts:homes_4_sale:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
needscripts	homes_4_sale	*	cpe:2.3:a:needscripts:homes_4_sale::::::::

References

securityreason.com/securityalert/4134

www.securityfocus.com/archive/1/495059/100/0/threaded

www.securityfocus.com/bid/30517

exchange.xforce.ibmcloud.com/vulnerabilities/44186

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Related for CVE-2008-3587