Lucene search

MitreCVE-2008-5566

HistoryDec 15, 2008 - 6:00 p.m.

CVE-2008-5566

2008-12-1518:00:00

CWE-79

mitre

web.nvd.nist.gov

cve-2008-5566

cross-site scripting

xss

vulnerability

triangle solutions

php

multiple newsletters 2.7

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

71.8%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Affected configurations

Nvd

Node

phpmultiplenewslettersphpmultiplenewslettersMatch2.7

VendorProductVersionCPE
phpmultiplenewslettersphpmultiplenewsletters2.7cpe:2.3:a:phpmultiplenewsletters:phpmultiplenewsletters:2.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpmultiplenewsletters	phpmultiplenewsletters	2.7	cpe:2.3:a:phpmultiplenewsletters:phpmultiplenewsletters:2.7:::::::*

References

osvdb.org/50659

secunia.com/advisories/33065

securityreason.com/securityalert/4751

www.securityfocus.com/bid/32727

exchange.xforce.ibmcloud.com/vulnerabilities/47198

www.exploit-db.com/exploits/7400

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

71.8%

JSON

Related for CVE-2008-5566