Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-0376
HistoryJan 21, 2010 - 10:30 p.m.

CVE-2010-0376

2010-01-2122:30:00
CWE-79
[email protected]
web.nvd.nist.gov
1

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Cross-site scripting (XSS) vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that occurs from exploitation of CVE-2010-0375.

Affected configurations

Nvd
Node
jce-techphp_calendars_script
VendorProductVersionCPE
jce-techphp_calendars_script*cpe:2.3:a:jce-tech:php_calendars_script:*:*:*:*:*:*:*:*

Related

cvelist 2
cve 2
prion 2
exploitdb 1
nvd 1
cvelist
cvelist
CVE-2010-0376
2010-01-21 22:00:00
CVE-2010-0375
2010-01-21 22:00:00
cve
cve
CVE-2010-0376
2010-01-21 22:30:00
CVE-2010-0375
2010-01-21 22:30:00
prion
prion
Cross site scripting
2010-01-21 22:30:00
Sql injection
2010-01-21 22:30:00
exploitdb
exploitdb
PHPCalendars - Multiple Vulnerabilities
2010-01-10 00:00:00
nvd
nvd
CVE-2010-0375
2010-01-21 22:30:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON
Related for NVD:CVE-2010-0376
cvelist2cve2prion2exploitdb1nvd1