Lucene search
HistoryFeb 13, 2009 - 6:30 p.m.
CVE-2008-6127
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
65.5%
Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) query parameters to (a) index.php, (3) cat and (4) file parameters to (b) download.php, (5) gal parameter to gallery.php, and the (6) URL to admin/login.php.
Affected configurations
Node
mozilomozilocmsRange≤1.10.2
ORmozilomozilocmsMatch1.0
ORmozilomozilocmsMatch1.1
ORmozilomozilocmsMatch1.1.1
ORmozilomozilocmsMatch1.2
ORmozilomozilocmsMatch1.3
ORmozilomozilocmsMatch1.3.1
ORmozilomozilocmsMatch1.4
ORmozilomozilocmsMatch1.5
ORmozilomozilocmsMatch1.6
ORmozilomozilocmsMatch1.6.1
ORmozilomozilocmsMatch1.6.2
ORmozilomozilocmsMatch1.7
ORmozilomozilocmsMatch1.8
ORmozilomozilocmsMatch1.9
ORmozilomozilocmsMatch1.9.1
ORmozilomozilocmsMatch1.9.2
ORmozilomozilocmsMatch1.9.3
ORmozilomozilocmsMatch1.10
ORmozilomozilocmsMatch1.10.1
Related
prion
prion
Cross site scripting
2009-02-13 18:30:00
Cross site scripting
2009-04-22 21:30:00
Cross site scripting
2009-12-04 19:30:00
cve
cve
cvelist
cvelist
nvd
nvd
CVE-2009-1367
2009-04-22 21:30:14
CVE-2009-4209
2009-12-04 19:30:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
65.5%
Related for NVD:CVE-2008-6127