Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2009-2006
HistoryJun 08, 2009 - 7:00 p.m.

CVE-2009-2006

2009-06-0819:00:00
mitre
raw.githubusercontent.com
1

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) search_term parameter to main/auth/courses.php; the (2) frm_title and (3) frm_content parameters in a new personal agenda item action; the (4) title and (5) tutor_name parameters in a new course action; and the (6) student and (7) course parameters to main/mySpace/myStudents.php. NOTE: vectors 2 and 3 might only be exploitable via a separate CSRF vulnerability.

Related

prion 2
cve 1
securityvulns 2
cvelist 1
prion
prion
Cross site scripting
2009-06-08 19:30:00
Sql injection
2009-06-08 19:30:00
cve
cve
CVE-2009-2006
2009-06-08 19:30:00
securityvulns
securityvulns
ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
2009-01-22 00:00:00
Apple QuickTime multiple security vulnerabilities
2009-01-23 00:00:00
cvelist
cvelist
CVE-2009-2008
2009-06-08 19:00:00

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.0%

JSON
Related for CVELIST:CVE-2009-2006
prion2cve1securityvulns2cvelist1