CVE

Id
35048  
CVE No.
CVE-2008-4931  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the account module in firmCHANNEL Digital Signage 3.24, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.  
Phase
Assigned (20081104)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
383510 35048 CVE-2008-4931 BUGTRAQ:20081104 FirmChannel Digital Signage 3.24 Cross-site scripting  View
383511 35048 CVE-2008-4931 URL:http://www.securityfocus.com/archive/1/archive/1/498042/100/0/threaded  View
383512 35048 CVE-2008-4931 OSVDB:49564  View
383513 35048 CVE-2008-4931 URL:http://osvdb.org/49564  View
383514 35048 CVE-2008-4931 SECUNIA:32549  View
383515 35048 CVE-2008-4931 URL:http://secunia.com/advisories/32549  View
383516 35048 CVE-2008-4931 SREASON:4566  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
48294 JVNDB-2008-003604 aview の asciiview における任意のファイルを上書きされる脆弱性 aview の asciiview には、任意のファイルを上書きされる脆弱性が存在します。 CVE-2008-4935 35048 6.9 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003604.html  View