CVE-2008-6396

2009-03-0417:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.

References

packetstormsecurity.org/0809-exploits/uploader6-xss.txt

secunia.com/advisories/31735

www.securityfocus.com/bid/31010

exchange.xforce.ibmcloud.com/vulnerabilities/44897