Lucene search
HistoryFeb 27, 2014 - 3:55 p.m.
CVE-2014-2035
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
56.9%
Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject arbitrary web script or HTML via the i parameter.
Affected configurations
Node
interworxweb_control_panelRangeβ€5.0.13
ORinterworxweb_control_panelMatch5.0
ORinterworxweb_control_panelMatch5.0.10
ORinterworxweb_control_panelMatch5.0.11
ORinterworxweb_control_panelMatch5.0.12
Related
packetstorm
packetstorm
InterWorx Web Control Panel Cross Site Scripting
2014-02-22 00:00:00
prion
prion
Cross site scripting
2014-02-27 15:55:00
cvelist
cvelist
CVE-2014-2035
2014-02-27 15:00:00
seebug
seebug
InterWorx Web Control Panelθ·¨η«θζ¬ζΌζ΄
2014-02-25 00:00:00
zdt
zdt
InterWorx Web Control Panel Cross Site Scripting Vulnerability
2014-03-26 00:00:00
openvas
openvas
InterWorx Web Control Panel Information Disclosure and XSS Vulnerability
2014-10-16 00:00:00
securityvulns
securityvulns
[CVE-2014-2035] XSS in InterWorx Web Control Panel <= 5.0.12
2014-05-05 00:00:00
cve
cve
CVE-2014-2035
2014-02-27 15:55:15
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
56.9%
Related for NVD:CVE-2014-2035