Lucene search
+L

CVE-2017-5870

🗓️ 23 May 2017 03:56:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 69 Views🌐 WEB

Multiple XSS vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
cnvd
Open Source Solutions ViMbAdmin Cross-Site Scripting Vulnerability
24 May 201700:00
cnvd
cvelist
CVE-2017-5870
23 May 201703:56
cvelist
euvd
EUVD-2022-4380
3 Oct 202520:07
euvd
github
ViMbAdmin Cross-site Scripting Vulnerabilities
17 May 202202:43
github
nvd
CVE-2017-5870
23 May 201704:29
nvd
openvas
ViMbAdmin Multiple Vulnerabilities
14 Jun 201700:00
openvas
osv
CVE-2017-5870
23 May 201704:29
osv
osv
GHSA-JJ4J-CWGQ-FX7G ViMbAdmin Cross-site Scripting Vulnerabilities
17 May 202202:43
osv
packetstorm
ViMbAdmin 3.0.15 Cross Site Scripting
5 May 201700:00
packetstorm
prion
Cross site scripting
23 May 201704:29
prion
Rows per page
NVD
Node
ParameterPositionPathDescriptionCWE
domainrequest bodydomain/addStored XSS in domain/add via domain and transport parametersCWE-79
transportrequest bodydomain/addStored XSS in domain/add via domain and transport parametersCWE-79
namerequest bodymailbox/add/did/<domain id>Stored XSS in mailbox/add/did/<domain id> via name (and related fields)CWE-79
local_partrequest bodymailbox/add/did/<domain id>Stored XSS in mailbox/add/did/<domain id> via name (and related fields)CWE-79
domainrequest bodymailbox/add/did/<domain id>Stored XSS in mailbox/add/did/<domain id> via name (and related fields)CWE-79
gotorequest bodyalias/add/did/<domain id>Stored XSS in alias/add/did/<domain id> via goto parameterCWE-79
local_partrequest bodyalias/add/did/<domain id>Stored XSS in alias/add/did/<domain id> via goto parameterCWE-79
domainrequest bodyalias/add/did/<domain id>Stored XSS in alias/add/did/<domain id> via goto parameterCWE-79
captchatextrequest bodyauth/lost-passwordReflected/stored XSS via captchatext on auth/lost-password pageCWE-79

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 01:21Current
5.6Medium risk
Vulners AI Score5.6
CVSS 23.5
CVSS 35.4
EPSS0.01012
69