NVD

Id
182  
Name
CVE-2008-0197  
Description
Multiple cross-site scripting (XSS) vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) wpcf_email, (2) wpcf_subject, (3) wpcf_question, (4) wpcf_answer, (5) wpcf_success_msg, (6) wpcf_error_msg, or (7) wpcf_msg parameter to wp-admin/admin.php, or (8) the SRC attribute of an IFRAME element.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-01-09  
Modified Date
2008-09-05  
Seq
2008-0197  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
1406 182 CVE-2008-0197 20080103 securityvulns.com russian vulnerabilities digest  View
1407 182 CVE-2008-0197 3539  View
1408 182 CVE-2008-0197 http://securityvulns.ru/Sdocument546.html  View
1409 182 CVE-2008-0197 http://securityvulns.ru/Sdocument667.html  View
1410 182 CVE-2008-0197 http://websecurity.com.ua/1600/  View
1411 182 CVE-2008-0197 http://websecurity.com.ua/1641/  View
1412 182 CVE-2008-0197 20080103 securityvulns.com russian vulnerabilities digest  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50035 JVNDB-2008-005345 WordPress 用の WP-ContactForm プラグインにおけるクロスサイトスクリプティングの脆弱性 WordPress 用の WP-ContactForm プラグインの wp-contact-form/options-contactform.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-0197 30310 CVE-2008-0197 182 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005345.html 2008-01-09 2012-12-20 View