NVD

Id
1344  
Name
CVE-2008-1386  
Description
Multiple cross-site scripting (XSS) vulnerabilities in the installer in Serendipity (S9Y) 1.3 allow remote attackers to inject arbitrary web script or HTML via (1) unspecified path fields or (2) the database host field. NOTE: the timing window for exploitation of this issue might be limited.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-04-23  
Modified Date
2011-03-07  
Seq
2008-1386  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
8634 1344 CVE-2008-1386 20080422 Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387))  View
8635 1344 CVE-2008-1386 http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html  View
8636 1344 CVE-2008-1386 http://int21.de/cve/CVE-2008-1386-s9y.html  View
8637 1344 CVE-2008-1386 20080422 Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387))  View
8638 1344 CVE-2008-1386 28885  View
8639 1344 CVE-2008-1386 1019915  View
8640 1344 CVE-2008-1386 ADV-2008-1348  View
8641 1344 CVE-2008-1386 serendipity-installer-xss(41967)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50282 JVNDB-2008-005592 S9Y のインストーラにおけるクロスサイトスクリプティングの脆弱性 Serendipity (S9Y) のインストーラには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-1386 31499 CVE-2008-1386 1344 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005592.html 2008-04-22 2012-12-20 View