CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-3735

Cross-site scripting (XSS) vulnerability in index.php in PHPizabi before 848 Core HotFix Pack 3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a blogs.search action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://lostmon.blogspot.com/2008/08/phpizabi-v0848b-traversal-file-access.html
http://packetstormsecurity.org/0808-exploits/phpizabi-traverse.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/44691
http://lostmon.blogspot.com/2008/08/phpizabi-v0848b-traversal-file-access.html
http://packetstormsecurity.org/0808-exploits/phpizabi-traverse.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/44691

Products affected by CVE-2008-3735

Phpizabi » Phpizabi » Version: 0.848b

cpe:2.3:a:phpizabi:phpizabi:0.848b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3735

Products

Pricing

Contact Us