NVD

Id
29894  
Name
CVE-2014-10035  
Description
Multiple cross-site scripting (XSS) vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the (1) sEcho parameter to comments_paginate.php or (2) stores_paginate.php or the (3) affiliate_url, (4) description, (5) domain, (6) seo[description], (7) seo[heading], (8) seo[title], (9) seo[keywords], (10) setting[logo], (11) setting[perpage], or (12) setting[sitename] to admin/index.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2015-01-13  
Modified Date
2015-01-14  
Seq
2014-10035  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
157639 29894 CVE-2014-10035 http://couponphp.com/changelog  View
157640 29894 CVE-2014-10035 http://packetstormsecurity.com/files/125480  View
157641 29894 CVE-2014-10035 32037  View
157642 29894 CVE-2014-10035 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18798 JVNDB-2014-007673 couponPHP の管理エリアにおけるクロスサイトスクリプティングの脆弱性 couponPHP の管理エリア (admin area) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-10035 68477 CVE-2014-10035 29894 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007673.html 2014-03-02 2015-01-19 View