CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1825

Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) return or (2) mos_change_template parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://marc.info/?l=bugtraq&m=107945576020593&w=2
http://secunia.com/advisories/11140
http://www.osvdb.org/4308
http://www.osvdb.org/4665
http://www.securityfocus.com/bid/9890
https://exchange.xforce.ibmcloud.com/vulnerabilities/15499
http://marc.info/?l=bugtraq&m=107945576020593&w=2
http://secunia.com/advisories/11140
http://www.osvdb.org/4308
http://www.osvdb.org/4665
http://www.securityfocus.com/bid/9890
https://exchange.xforce.ibmcloud.com/vulnerabilities/15499

Products affected by CVE-2004-1825

Mambo » Mambo Open Source » Version: 4.5_1.0.0

cpe:2.3:a:mambo:mambo_open_source:4.5_1.0.0
Mambo » Mambo Open Source » Version: 4.5_1.0.1

cpe:2.3:a:mambo:mambo_open_source:4.5_1.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1825

Products

Pricing

Contact Us