4.3
CVE-2003-1285
- EPSS 1.39%
- Veröffentlicht 31.12.2003 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to samples/search.dll, (5) the price parameter to mortgage.pl, (6) the query string in dumpenv.pl, (7) the query string to dumpenv.pl, and (8) the E-Mail field of the guestbook script (book.pl).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sambar ≫ Sambar Server Version5.0
Sambar ≫ Sambar Server Version5.0 Updatebeta1
Sambar ≫ Sambar Server Version5.0 Updatebeta2
Sambar ≫ Sambar Server Version5.0 Updatebeta3
Sambar ≫ Sambar Server Version5.0 Updatebeta4
Sambar ≫ Sambar Server Version5.0 Updatebeta5
Sambar ≫ Sambar Server Version5.0 Updatebeta6
Sambar ≫ Sambar Server Version5.1
Sambar ≫ Sambar Server Version5.1 Updatebeta1
Sambar ≫ Sambar Server Version5.1 Updatebeta2
Sambar ≫ Sambar Server Version5.1 Updatebeta3
Sambar ≫ Sambar Server Version5.1 Updatebeta4
Sambar ≫ Sambar Server Version5.1 Updatebeta5
Sambar ≫ Sambar Server Version5.2
Sambar ≫ Sambar Server Version5.3
Sambar ≫ Sambar Server Version6.0 Updatebeta1
Sambar ≫ Sambar Server Version6.0 Updatebeta2
Sambar ≫ Sambar Server Version6.0 Updatebeta3
Sambar ≫ Sambar Server Version6.0 Updatebeta4
Sambar ≫ Sambar Server Version6.0 Updatebeta5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.39% | 0.785 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|