NVD

Id
11061  
Name
CVE-2011-4709  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the (1) SITE_NAME parameter to admin_index.php, or the (2) return and (3) search parameters to index.php. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2011-12-08  
Modified Date
2011-12-09  
Seq
2011-4709  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
61612 11061 CVE-2011-4709 http://www.zeroscience.mk/codes/hotarucms_xss.txt  View
61613 11061 CVE-2011-4709 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5057.php  View
61614 11061 CVE-2011-4709 hotarucms-index-xss(71300)  View
61615 11061 CVE-2011-4709 hotarucms-hotaru-xss(71301)  View
61616 11061 CVE-2011-4709 hotaru-hotaru-xss(71302)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33087 JVNDB-2011-003327 Hotaru CMS の Search プラグイン内にある Hotaru.php におけるクロスサイトスクリプティングの脆弱性 Hotaru CMS の Search プラグイン内にある Hotaru.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2011-4709 52616 CVE-2011-4709 11061 4.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003327.html 2011-12-08 2011-12-13 View