Lucene search
+L

CVE-2008-3664

🗓️ 05 Sep 2008 16:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 57 Views🌐 WEB

Multiple XSS vulnerabilities in XRMS allowing remote script injection

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
circl
CVE-2008-3664
4 Sep 200800:00
circl
cvelist
CVE-2008-3664
5 Sep 200816:00
cvelist
euvd
EUVD-2008-3650
7 Oct 202500:30
euvd
nvd
CVE-2008-3664
5 Sep 200816:08
nvd
openvas
XRMS Multiple Vulnerabilities (CVE-2008-3664)
15 Mar 200900:00
openvas
packetstorm
xrms-sqlxss.txt
4 Sep 200800:00
packetstorm
prion
Cross site scripting
5 Sep 200816:08
prion
securityvulns
Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
7 Sep 200800:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
7 Sep 200800:00
securityvulns
NVD
ParameterPositionPathDescriptionCWE
targetquery param/xrms/login.phpXSS via login target parameterCWE-79
titlequery param/xrms/activities/some.phpXSS via activities title parameterCWE-79
company_namequery param/xrms/companies/some.phpXSS via company_name parameterCWE-79
last_namequery param/xrms/contacts/some.phpXSS via last_name parameterCWE-79
campaign_titlequery param/xrms/campaigns/some.phpXSS via campaign_title parameterCWE-79
opportunity_titlequery param/xrms/opportunities/some.phpXSS via opportunity_title parameterCWE-79
case_titlequery param/xrms/cases/some.phpXSS via case_title parameterCWE-79
file_idquery param/xrms/files/some.phpXSS via file_id parameterCWE-79
startingquery param/xrms/reports/custom/mileage.phpXSS via starting parameterCWE-79
real_namerequest body/xrms/admin/users/self-2.phpSQL injection via real_name field in admin users self-2 endpointCWE-79
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jun 2026 22:56Current
5.8Medium risk
Vulners AI Score5.8
CVSS 24.3
EPSS0.01489
57