Lucene search

[email protected]NVD:CVE-2010-4358

HistoryDec 01, 2010 - 4:06 p.m.

CVE-2010-4358

2010-12-0116:06:13

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) website, and (4) message parameters.

Affected configurations

Nvd

Node

mrcgiguyguestbookMatch1.0

VendorProductVersionCPE
mrcgiguyguestbook1.0cpe:2.3:a:mrcgiguy:guestbook:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mrcgiguy	guestbook	1.0	cpe:2.3:a:mrcgiguy:guestbook:1.0:::::::*

References

evuln.com/vulns/144/summary.html

packetstormsecurity.org/files/view/96101/mcgguestbook-xss.txt

secunia.com/advisories/42315

www.securityfocus.com/archive/1/514884/100/0/threaded

www.securityfocus.com/bid/45043

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Related for NVD:CVE-2010-4358

prion1 cve1 cvelist1