CVE

Id
35331  
CVE No.
CVE-2008-5214  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in service/calendrier.php in ClanLite 2.2006.05.20 allows remote attackers to inject arbitrary web script or HTML via the annee parameter.  
Phase
Assigned (20081124)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
387218 35331 CVE-2008-5214 MILW0RM:5595  View
387219 35331 CVE-2008-5214 URL:http://www.milw0rm.com/exploits/5595  View
387220 35331 CVE-2008-5214 BID:29156  View
387221 35331 CVE-2008-5214 URL:http://www.securityfocus.com/bid/29156  View
387222 35331 CVE-2008-5214 SREASON:4628  View
387223 35331 CVE-2008-5214 URL:http://securityreason.com/securityalert/4628  View
387224 35331 CVE-2008-5214 XF:clanlite-calendrier-xss(42331)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
51164 JVNDB-2008-006474 ScriptsEz FREEze Greetings における平文パスワードを取得される脆弱性 ScriptsEz FREEze Greetings は、不十分なアクセスコントロールで Web ルート配下に pwd.txt を格納するため、平文パスワードを取得される脆弱性が存在します。 CVE-2008-5218 35331 5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006474.html  View