CVE-2012-5700

2014-09-2215:55:07

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

71.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.2f allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/index.php or the (2) username or (3) password parameter in blocks/loginbox/loginbox.template.php to index.php. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

babygekkobaby_gekkoRange≤1.2.2e

babygekkobaby_gekkoMatch0.90

babygekkobaby_gekkoMatch0.91

babygekkobaby_gekkoMatch0.98alpha

babygekkobaby_gekkoMatch0.99beta

babygekkobaby_gekkoMatch1.0.0

babygekkobaby_gekkoMatch1.0.1

babygekkobaby_gekkoMatch1.1.0

babygekkobaby_gekkoMatch1.1.1

babygekkobaby_gekkoMatch1.1.2

babygekkobaby_gekkoMatch1.1.3

babygekkobaby_gekkoMatch1.1.4

babygekkobaby_gekkoMatch1.1.5

babygekkobaby_gekkoMatch1.2.0

babygekkobaby_gekkoMatch1.2.2

babygekkobaby_gekkoMatch1.2.2a

babygekkobaby_gekkoMatch1.2.2d

VendorProductVersionCPE
babygekkobaby_gekko*cpe:2.3:a:babygekko:baby_gekko:*:e:*:*:*:*:*:*
babygekkobaby_gekko0.90cpe:2.3:a:babygekko:baby_gekko:0.90:*:*:*:*:*:*:*
babygekkobaby_gekko0.91cpe:2.3:a:babygekko:baby_gekko:0.91:*:*:*:*:*:*:*
babygekkobaby_gekko0.98cpe:2.3:a:babygekko:baby_gekko:0.98:alpha:*:*:*:*:*:*
babygekkobaby_gekko0.99cpe:2.3:a:babygekko:baby_gekko:0.99:beta:*:*:*:*:*:*
babygekkobaby_gekko1.0.0cpe:2.3:a:babygekko:baby_gekko:1.0.0:*:*:*:*:*:*:*
babygekkobaby_gekko1.0.1cpe:2.3:a:babygekko:baby_gekko:1.0.1:*:*:*:*:*:*:*
babygekkobaby_gekko1.1.0cpe:2.3:a:babygekko:baby_gekko:1.1.0:*:*:*:*:*:*:*
babygekkobaby_gekko1.1.1cpe:2.3:a:babygekko:baby_gekko:1.1.1:*:*:*:*:*:*:*
babygekkobaby_gekko1.1.2cpe:2.3:a:babygekko:baby_gekko:1.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
babygekko	baby_gekko	*	cpe:2.3:a:babygekko:baby_gekko::e::::::*
babygekko	baby_gekko	0.90	cpe:2.3:a:babygekko:baby_gekko:0.90:::::::*
babygekko	baby_gekko	0.91	cpe:2.3:a:babygekko:baby_gekko:0.91:::::::*
babygekko	baby_gekko	0.98	cpe:2.3:a:babygekko:baby_gekko:0.98:alpha::::::
babygekko	baby_gekko	0.99	cpe:2.3:a:babygekko:baby_gekko:0.99:beta::::::
babygekko	baby_gekko	1.0.0	cpe:2.3:a:babygekko:baby_gekko:1.0.0:::::::*
babygekko	baby_gekko	1.0.1	cpe:2.3:a:babygekko:baby_gekko:1.0.1:::::::*
babygekko	baby_gekko	1.1.0	cpe:2.3:a:babygekko:baby_gekko:1.1.0:::::::*
babygekko	baby_gekko	1.1.1	cpe:2.3:a:babygekko:baby_gekko:1.1.1:::::::*
babygekko	baby_gekko	1.1.2	cpe:2.3:a:babygekko:baby_gekko:1.1.2:::::::*