6.8

CVE-2004-0248

Exploit
Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpxPhpx Version3.2.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.49% 0.707
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=107586932324901&w=2
http://secunia.com/advisories/10797/
Patch
Vendor Advisory
http://www.securityfocus.com/bid/9569
Patch
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/15050
https://exchange.xforce.ibmcloud.com/vulnerabilities/15051