Lucene search

MitreCVE-2012-2911

HistoryMay 21, 2012 - 6:55 p.m.

CVE-2012-2911

2012-05-2118:55:07

CWE-79

mitre

web.nvd.nist.gov

cve-2012-2911

cross-site scripting

xss

silisoftware

backupdb

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftware backupDB() 1.2.7a allows remote attackers to inject arbitrary web script or HTML via the onlyDB parameter.

Affected configurations

Nvd

Node

silisoftwarebackupdb\(\)Match1.2.7a

VendorProductVersionCPE
silisoftwarebackupdb\(\)1.2.7acpe:2.3:a:silisoftware:backupdb\(\):1.2.7a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
silisoftware	backupdb\(\)	1.2.7a	cpe:2.3:a:silisoftware:backupdb\(\):1.2.7a:::::::*

References

packetstormsecurity.org/files/112801/SiliSoftware-backupDB-1.2.7a-Cross-Site-Scripting.html

www.securityfocus.com/bid/53575

www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5089.php

exchange.xforce.ibmcloud.com/vulnerabilities/75710

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Related for CVE-2012-2911