NVD

Id
15856  
Name
CVE-2010-4607  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) additem_form parameter to system/admin/dash_additem.php and the (2) status_data[] parameter to system/admin/dash_status.php. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2010-12-29  
Modified Date
2011-01-04  
Seq
2010-4607  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
89873 15856 CVE-2010-4607 http://wiki.habariproject.org/en/Release_0.6.6  View
89874 15856 CVE-2010-4607 15799  View
89875 15856 CVE-2010-4607 http://www.htbridge.ch/advisory/xss_vulnerability_in_habari.html  View
89876 15856 CVE-2010-4607 http://www.htbridge.ch/advisory/xss_vulnerability_in_habari_1.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37760 JVNDB-2010-003545 Habari におけるクロスサイトスクリプティングの脆弱性 Habari は、register_globals が有効になっている際、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-4607 47187 CVE-2010-4607 15856 2.6 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003545.html 2010-12-04 2012-03-27 View