Lucene search

MitreCVELIST:CVE-2008-6041

HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-6041

2022-10-0316:13:50

mitre

www.cve.org

dataspade

xss

index.asp

remote attackers

web script

html

viewname

tablename

orderby

filterfield

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters.

References

pridels-team.blogspot.com/2008/09/dataspade-xss-vuln.html

secunia.com/advisories/31999

www.securityfocus.com/bid/31317