Lucene search

[email protected]CVE-2008-6715

HistoryApr 13, 2009 - 3:30 p.m.

CVE-2008-6715

2009-04-1315:30:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-6715

xss

pre ads portal 2.0

security vulnerability

remote attack

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.

Affected configurations

NVD

Node

preprojectspre_ads_portalRange≤2.0

CPENameOperatorVersion
preprojects:pre_ads_portalpreprojects pre ads portalle2.0

CPE	Name	Operator	Version
preprojects:pre_ads_portal	preprojects pre ads portal	le	2.0

References

www.securityfocus.com/bid/32151

exchange.xforce.ibmcloud.com/vulnerabilities/46398

www.exploit-db.com/exploits/7017

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.8%

JSON

Related for CVE-2008-6715

prion1 cvelist1 nvd1