AI Score
Confidence
High
EPSS
Percentile
83.1%
Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php.
osvdb.org/39792
osvdb.org/39793
secunia.com/advisories/28263
securityreason.com/securityalert/3496
www.securityfocus.com/archive/1/485480/100/0/threaded
www.securityfocus.com/archive/1/490101/100/0/threaded
www.securityfocus.com/bid/27003
exchange.xforce.ibmcloud.com/vulnerabilities/39223