Lucene search

K
cve[email protected]CVE-2009-2226
HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-2226

2022-10-0316:24:06
CWE-79
web.nvd.nist.gov
19
cve-2009-2226
cross-site scripting
xss
let's php! tree bbs
security vulnerability
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

57.7%

Cross-site scripting (XSS) vulnerability in Let’s PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD
Node
php.s3tree_bbsRange≀2004\/11\/23
VendorProductVersionCPE
php.s3tree_bbscpe:/a:php.s3:tree_bbs::::

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

57.7%

Related for CVE-2009-2226