Lucene search

[email protected]NVD:CVE-2009-3283

HistorySep 22, 2009 - 10:30 a.m.

CVE-2009-3283

2009-09-2210:30:00

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.8%

JSON

Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to cookies.

Affected configurations

NVD

Node

phpspotphp_\&_css_bbs

phpspotphp_bbs

phpspotphp_bbs_ce

phpspotphp_image_capture_bbs

phpspotphp_rss_builder

phpspotwebshot

References

jvn.jp/en/jp/JVN53591199/index.html

jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000063.html

phpspot.net/php/pg2009%94N9%8C%8E%20PHP%83X%83N%83%8A%83v%83g%82%CC%90%C6%8E%E3%90%AB.html

secunia.com/advisories/36783

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.8%

JSON

Related for NVD:CVE-2009-3283

cvelist1 prion1 cve1 jvn1