Lucene search
HistoryDec 22, 2010 - 3:00 a.m.
CVE-2010-4275
cve
2010
4275
xss
vulnerabilities
radius manager 3.8.0
remote
injection
web script
html
update_usergroup
store_nas
admin.php
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.0%
Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.
Affected configurations
Node
dmasoftlabradius_managerMatch3.8.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| dmasoftlab:radius_manager | dmasoftlab radius manager | eq | 3.8.0 |
Related
exploitpack
exploitpack
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
2010-12-17 00:00:00
prion
prion
Cross site scripting
2010-12-22 03:00:00
nvd
nvd
CVE-2010-4275
2010-12-22 03:00:03
cvelist
cvelist
CVE-2010-4275
2010-12-22 01:00:00
packetstorm
packetstorm
Radius Manager Cross Site Scripting
2010-12-17 00:00:00
exploitdb
exploitdb
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
2010-12-17 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.0%
Related for CVE-2010-4275