Lucene search

[email protected]CVE-2010-0936

HistoryMar 08, 2010 - 3:30 p.m.

CVE-2010-0936

2010-03-0815:30:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-0936

xss

d-link

dkvm-ip8

firmware

security vulnerability

remote attack

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON

Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter.

Affected configurations

NVD

Node

d-linkdkvm-ip8Match2282_dlinka4_p8_20071213

CPENameOperatorVersion
d-link:dkvm-ip8d-link dkvm-ip8eq2282_dlinka4_p8_20071213

CPE	Name	Operator	Version
d-link:dkvm-ip8	d-link dkvm-ip8	eq	2282_dlinka4_p8_20071213

References

osvdb.org/61615

secunia.com/advisories/38051

www.exploit-db.com/exploits/11030

www.securityfocus.com/bid/37646

www.vupen.com/english/advisories/2010/0083

exchange.xforce.ibmcloud.com/vulnerabilities/55429

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON

Related for CVE-2010-0936

nvd1 cvelist1 prion1