Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:23596
HistoryApr 10, 2020 - 12:31 a.m.

Cross-Site Scripting (XSS)

2020-04-1000:31:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

JSON

php is vulnerable to cross-site scripting. A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had “display_errors” enabled, a remote attacker able to set a specially-crafted cookie on a victim’s system could possibly inject arbitrary HTML into an error message generated by PHP.

Related

openvas 28
jvn 1
securityvulns 4
prion 1
nessus 19
ubuntucve 1
ubuntu 2
cve 1
centos 1
redhat 2
oraclelinux 1
osv 1
debian 1
fedora 4
gentoo 1
openvas
openvas
PHP display_errors XSS Vulnerability
2009-01-08 00:00:00
Ubuntu: Security Advisory (USN-761-2)
2009-06-05 00:00:00
PHP < 5.2.8 Multiple Vulnerabilities
2012-06-21 00:00:00
jvn
jvn
JVN#50327700 PHP vulnerable to cross-site scripting
2008-12-19 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting &#40;XSS&#41;, Unauthorized Access
2009-05-21 00:00:00
HP System Management Homepage crossite scripting
2010-02-04 00:00:00
[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code, Unauthorized Access
2010-04-26 00:00:00
prion
prion
Cross site scripting
2009-01-02 18:11:00
nessus
nessus
Ubuntu 9.04 : php5 vulnerabilities (USN-761-2)
2009-04-28 00:00:00
PHP < 5.2.8 Multiple Vulnerabilities
2008-12-09 00:00:00
HP System Management Homepage < 3.0.1.73 Multiple Flaws
2009-05-20 00:00:00
ubuntucve
ubuntucve
CVE-2008-5814
2009-01-02 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2009-04-27 00:00:00
PHP vulnerabilities
2009-04-20 00:00:00
cve
cve
CVE-2008-5814
2009-01-02 18:11:00
centos
centos
php security update
2009-04-07 12:21:16
redhat
redhat
(RHSA-2009:0338) Moderate: php security update
2009-04-06 00:00:00
(RHSA-2009:0350) Moderate: php security update
2009-04-14 00:00:00
oraclelinux
oraclelinux
php security update
2009-04-06 00:00:00
osv
osv
php5 - several vulnerabilities
2009-05-04 00:00:00
debian
debian
[SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities
2009-05-04 20:57:57
fedora
fedora
[SECURITY] Fedora 10 Update: php-5.2.9-2.fc10
2009-05-30 02:34:40
[SECURITY] Fedora 9 Update: php-5.2.9-2.fc9
2009-05-30 02:38:47
[SECURITY] Fedora 10 Update: maniadrive-1.2-13.fc10
2009-05-30 02:34:40
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

JSON
Related for VERACODE:23596
openvas28jvn1securityvulns4prion1nessus19ubuntucve1ubuntu2cve1centos1redhat2oraclelinux1osv1debian1fedora4gentoo1