CVE-2003-1539

2022-10-0316:15:41

mitre

www.cve.org

cross-site scripting

onedotoh simple file manager

sfm

web script

html

file names

directory names

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.5%

JSON

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

References

secunia.com/advisories/8257

sourceforge.net/project/shownotes.php?release_id=144274

sourceforge.net/tracker/index.php?func=detail&aid=695597&group_id=60333&atid=493842

www.securityfocus.com/bid/7035