CVE

Id
45048  
CVE No.
CVE-2010-2464  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.  
Phase
Assigned (20100625)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
491281 45048 CVE-2010-2464 EXPLOIT-DB:13935  View
491282 45048 CVE-2010-2464 URL:http://www.exploit-db.com/exploits/13935  View
491283 45048 CVE-2010-2464 MISC:http://packetstormsecurity.org/1006-exploits/joomlarscomments-xss.txt  View
491284 45048 CVE-2010-2464 MISC:http://www.rsjoomla.com/customer-support/documentations/96--general-overview-of-the-component/393-changelog.html  View
491285 45048 CVE-2010-2464 BID:40977  View
491286 45048 CVE-2010-2464 URL:http://www.securityfocus.com/bid/40977  View
491287 45048 CVE-2010-2464 SECUNIA:40278  View
491288 45048 CVE-2010-2464 URL:http://secunia.com/advisories/40278  View
491289 45048 CVE-2010-2464 XF:rscomments-index-xss(59578)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
39117 JVNDB-2010-004902 Linear eMerge などで使用される S2 Security NetBox における特権を取得される脆弱性 Linear eMerge および Sonitrol eAccess で使用される S2 Security NetBox は、管理者パスワードの格納に、脆弱なハッシュアレゴリズムを使用するため、特権を取得される脆弱性が存在します。 CVE-2010-2468 45048 10 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004902.html  View