Lucene search
HistoryNov 04, 2014 - 4:55 p.m.
CVE-2014-8593
cve-2014-8593
xss
allomani weblinks 1.0
nvd
cross-site scripting
web security
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
66.1%
Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter to admin.php or (3) go.php.
Affected configurations
Node
allomaniallomani_weblinksMatch1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| allomani:allomani_weblinks | allomani allomani weblinks | eq | 1.0 |
Related
cvelist
cvelist
CVE-2014-8593
2014-11-04 16:00:00
nvd
nvd
CVE-2014-8593
2014-11-04 16:55:06
prion
prion
Cross site scripting
2014-11-04 16:55:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
66.1%
Related for CVE-2014-8593