Lucene search
HistoryDec 31, 2003 - 5:00 a.m.
CVE-2003-1536
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.058
Percentile
93.5%
Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php.
Affected configurations
Node
dcp-portaldcp-portalMatch5.3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dcp-portal | dcp-portal | 5.3.1 | cpe:2.3:a:dcp-portal:dcp-portal:5.3.1:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2003-1536
2007-11-08 20:00:00
cvelist
cvelist
CVE-2003-1536
2007-11-08 20:00:00
exploitdb
exploitdb
DCP-Portal 5.3.1 - 'calendar.php' Cross-Site Scripting
2003-03-19 00:00:00
nessus
nessus
DCP-Portal Multiple Script XSS
2003-03-23 00:00:00
openvas
openvas
DCP-Portal <= 5.3.2 Multiple Vulnerabilities - Active Check
2005-11-03 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.058
Percentile
93.5%
Related for NVD:CVE-2003-1536