7.5

CVE-2001-1199

Exploit
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Steve KneizysAgora.Cgi Version3.2
Steve KneizysAgora.Cgi Version3.2a
Steve KneizysAgora.Cgi Version3.2b
Steve KneizysAgora.Cgi Version3.2c
Steve KneizysAgora.Cgi Version3.2d
Steve KneizysAgora.Cgi Version3.2e
Steve KneizysAgora.Cgi Version3.2f
Steve KneizysAgora.Cgi Version3.2g
Steve KneizysAgora.Cgi Version3.2h
Steve KneizysAgora.Cgi Version3.2i
Steve KneizysAgora.Cgi Version3.2j
Steve KneizysAgora.Cgi Version3.2ja
Steve KneizysAgora.Cgi Version3.2k
Steve KneizysAgora.Cgi Version3.2l
Steve KneizysAgora.Cgi Version3.2m
Steve KneizysAgora.Cgi Version3.2n
Steve KneizysAgora.Cgi Version3.2p
Steve KneizysAgora.Cgi Version3.2q
Steve KneizysAgora.Cgi Version3.2r
Steve KneizysAgora.Cgi Version3.3a
Steve KneizysAgora.Cgi Version3.3b
Steve KneizysAgora.Cgi Version3.3c
Steve KneizysAgora.Cgi Version3.3d
Steve KneizysAgora.Cgi Version3.3e
Steve KneizysAgora.Cgi Version3.3f
Steve KneizysAgora.Cgi Version3.3i
Steve KneizysAgora.Cgi Version3.3j
Steve KneizysAgora.Cgi Version4.0
Steve KneizysAgora.Cgi Version4.0a
Steve KneizysAgora.Cgi Version4.0b
Steve KneizysAgora.Cgi Version4.0c
Steve KneizysAgora.Cgi Version4.0d
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.73% 0.945
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.agoracgi.com/security.html
URL Repurposed
http://www.iss.net/security_center/static/7708.php
Vendor Advisory
http://www.osvdb.org/698
http://www.securityfocus.com/archive/1/246044
Vendor Advisory
http://www.securityfocus.com/bid/3702
Patch
Vendor Advisory
Exploit