Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2011-5258

🗓️ 12 Feb 2013 20:02:55Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 21 Views🌐 WEB

Multiple XSS vulnerabilities in OrangeHRM before 2.6.11.2 allow remote attackers to inject arbitrary web script or HTML

Show more
Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
NVD		CVE-2011-5258
12 Feb 201320:55
nvd
Prion		Cross site scripting
12 Feb 201320:55
prion
Cvelist		CVE-2011-5258
12 Feb 201320:00
cvelist
Nvd
Node
orangehrmorangehrmRange2.6.11
OR
orangehrmorangehrmMatch2.6.0
OR
orangehrmorangehrmMatch2.6.0.1
OR
orangehrmorangehrmMatch2.6.1
OR
orangehrmorangehrmMatch2.6.2
OR
orangehrmorangehrmMatch2.6.3
OR
orangehrmorangehrmMatch2.6.4
OR
orangehrmorangehrmMatch2.6.5
OR
orangehrmorangehrmMatch2.6.6
OR
orangehrmorangehrmMatch2.6.7
OR
orangehrmorangehrmMatch2.6.8
OR
orangehrmorangehrmMatch2.6.8.1
OR
orangehrmorangehrmMatch2.6.9
OR
orangehrmorangehrmMatch2.6.10
ParameterPositionPathDescriptionCWE
uniqcodequery param/index.phpCross-site scripting (XSS) vulnerability allowing injection of arbitrary web script or HTML.CWE-79
isAdminquery param/index.phpCross-site scripting (XSS) vulnerability allowing injection of arbitrary web script or HTML.CWE-79
PATH_INFOpath/lib/controllers/centralcontroller.phpCross-site scripting (XSS) vulnerability allowing injection of arbitrary web script or HTML.CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
12 Feb 2013 20:55Current
5.9Medium risk
Vulners AI Score5.9
CVSS24.3
EPSS0.01093
CWE-79
orangehrmxssvulnerabilitiesremote attackersweb scripthtml
21
.json
Report