Lucene search

PRIOn knowledge basePRION:CVE-2011-5159

HistorySep 09, 2012 - 9:55 p.m.

Cross site scripting

2012-09-0921:55:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.9%

JSON

Cross-site scripting (XSS) vulnerability in admin/configuration.php in Geeklog before 1.7.1sr1 allows remote attackers to inject arbitrary web script or HTML via the sub_group parameter, a different vulnerability than CVE-2011-4942.

CPENameOperatorVersion
geeklogeq1.3.5
geeklogeq1.3.8
geeklogeq1.3.6
geeklogeq1.3.7
geeklogeq1.35
geeklogeq1.5.0
geeklogeq1.3.10
geeklogeq1.5.1
geeklogeq1.3
geeklogeq1.4.0

Name	Operator	Version
geeklog	eq	1.3.5
geeklog	eq	1.3.8
geeklog	eq	1.3.6
geeklog	eq	1.3.7
geeklog	eq	1.35
geeklog	eq	1.5.0
geeklog	eq	1.3.10
geeklog	eq	1.5.1
geeklog	eq	1.3
geeklog	eq	1.4.0

Rows per page:

1-10 of 141

References

secunia.com/advisories/42775

www.geeklog.net/article.php/geeklog-1.7.1sr1

www.osvdb.org/70245

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.9%

JSON

Related for PRION:CVE-2011-5159