4.3
CVE-2004-1384
- EPSS 4.04%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpgroupware ≫ Phpgroupware Version0.9.12
Phpgroupware ≫ Phpgroupware Version0.9.13
Phpgroupware ≫ Phpgroupware Version0.9.14
Phpgroupware ≫ Phpgroupware Version0.9.14.003
Phpgroupware ≫ Phpgroupware Version0.9.14.005
Phpgroupware ≫ Phpgroupware Version0.9.14.006
Phpgroupware ≫ Phpgroupware Version0.9.14.007
Phpgroupware ≫ Phpgroupware Version0.9.16.000
Phpgroupware ≫ Phpgroupware Version0.9.16.002
Phpgroupware ≫ Phpgroupware Version0.9.16.003
Phpgroupware ≫ Phpgroupware Version0.9.16_rc1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.04% | 0.893 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://marc.info/?l=bugtraq&m=110312656029072&w=2
http://www.gentoo.org/security/en/glsa/glsa-200501-08.xml
http://www.gulftech.org/?node=research&article_id=00054-12142004
http://www.securityfocus.com/bid/11952
https://exchange.xforce.ibmcloud.com/vulnerabilities/18496