NVD

Id
13039  
Name
CVE-2010-1515  
Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) article-id parameter in conjunction with a /admin/news/article/list PATH_INFO; the (3) keyword parameter in conjunction with a /admin/multimedia/set/list PATH_INFO; the (4) keyword or (5) fileId parameter in conjunction with a /admin/multimedia/file/list PATH_INFO; or the (6) name, (7) email, or (8) address parameter in conjunction with a /admin/ad/client/list PATH_INFO.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2010-06-15  
Modified Date
2010-06-18  
Seq
2010-1515  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
72172 13039 CVE-2010-1515 http://holisticinfosec.org/content/view/148/45/  View
72173 13039 CVE-2010-1515 40544  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
39632 JVNDB-2010-005417 TomatoCMS の index.php におけるクロスサイトスクリプティングの脆弱性 TomatoCMS の index.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-1515 44095 CVE-2010-1515 13039 2.6 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005417.html 2010-06-15 2012-12-20 View