Lucene search
HistoryDec 22, 2010 - 3:00 a.m.
CVE-2010-4275
cve
2010
4275
xss
vulnerabilities
radius manager 3.8.0
remote
injection
web script
html
update_usergroup
store_nas
admin.php
5.4 Medium
AI Score
Confidence
High
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
41.9%
Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.
Affected configurations
Node
dmasoftlabradius_managerMatch3.8.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| dmasoftlab:radius_manager | dmasoftlab radius manager | eq | 3.8.0 |
Related
exploitpack
exploitpack
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
2010-12-17 00:00:00
prion
prion
Cross site scripting
2010-12-22 03:00:00
nvd
nvd
CVE-2010-4275
2010-12-22 03:00:03
packetstorm
packetstorm
Radius Manager Cross Site Scripting
2010-12-17 00:00:00
cvelist
cvelist
CVE-2010-4275
2010-12-22 01:00:00
exploitdb
exploitdb
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
2010-12-17 00:00:00
5.4 Medium
AI Score
Confidence
High
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
41.9%
Related for CVE-2010-4275