Lucene search

MitreCVE-2008-5435

HistoryDec 11, 2008 - 3:30 p.m.

CVE-2008-5435

2008-12-1115:30:00

CWE-79

mitre

web.nvd.nist.gov

xss

vulnerability

moderate.php

punbb

1.3.1

remote attackers

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in moderate.php in PunBB before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via a topic subject.

Affected configurations

Nvd

Node

punbbpunbbRange≤1.3

punbbpunbbMatch1.0

punbbpunbbMatch1.0alpha

punbbpunbbMatch1.0beta1

punbbpunbbMatch1.0beta1a

punbbpunbbMatch1.0beta2

punbbpunbbMatch1.0beta3

punbbpunbbMatch1.0rc1

punbbpunbbMatch1.0rc2

punbbpunbbMatch1.0.1

punbbpunbbMatch1.1

punbbpunbbMatch1.1.1

punbbpunbbMatch1.1.2

punbbpunbbMatch1.1.3

punbbpunbbMatch1.1.4

punbbpunbbMatch1.1.5

punbbpunbbMatch1.2

punbbpunbbMatch1.2.1

punbbpunbbMatch1.2.2

punbbpunbbMatch1.2.3

punbbpunbbMatch1.2.4

punbbpunbbMatch1.2.5

punbbpunbbMatch1.2.6

punbbpunbbMatch1.2.7

punbbpunbbMatch1.2.8

punbbpunbbMatch1.2.9

punbbpunbbMatch1.2.10

punbbpunbbMatch1.2.11

punbbpunbbMatch1.2.12

punbbpunbbMatch1.2.13

punbbpunbbMatch1.2.14

punbbpunbbMatch1.2.15

punbbpunbbMatch1.2.16

punbbpunbbMatch1.2.17

punbbpunbbMatch1.2.18

punbbpunbbMatch1.2.19

punbbpunbbMatch1.2.20

punbbpunbbMatch1.2.21

punbbpunbbMatch1.3beta

punbbpunbbMatch1.3rc1

punbbpunbbMatch1.3rc2

punbbpunbbMatch1.3rc7

VendorProductVersionCPE
punbbpunbb*cpe:2.3:a:punbb:punbb:*:*:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:*:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:alpha:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:beta1:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:beta1a:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:beta2:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:beta3:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:rc1:*:*:*:*:*:*
punbbpunbb1.0cpe:2.3:a:punbb:punbb:1.0:rc2:*:*:*:*:*:*
punbbpunbb1.0.1cpe:2.3:a:punbb:punbb:1.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
punbb	punbb	*	cpe:2.3:a:punbb:punbb::::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:::::::*
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:alpha::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:beta1::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:beta1a::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:beta2::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:beta3::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:rc1::::::
punbb	punbb	1.0	cpe:2.3:a:punbb:punbb:1.0:rc2::::::
punbb	punbb	1.0.1	cpe:2.3:a:punbb:punbb:1.0.1:::::::*

Rows per page:

1-10 of 421

References

osvdb.org/50680

punbb.informer.com/

www.openwall.com/lists/oss-security/2008/12/09/3

www.securityfocus.com/bid/32800

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Related for CVE-2008-5435