CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5933

Multiple cross-site scripting (XSS) vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the strcerca parameter (aka the input field for the cerca action) or (2) the id_oggetto parameter. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/33090
http://securityreason.com/securityalert/4933
http://www.securityfocus.com/bid/32823
https://www.exploit-db.com/exploits/7465
http://secunia.com/advisories/33090
http://securityreason.com/securityalert/4933
http://www.securityfocus.com/bid/32823
https://www.exploit-db.com/exploits/7465

Products affected by CVE-2008-5933

Cmsisweb » Cms Isweb » Version: 3.0

cpe:2.3:a:cmsisweb:cms_isweb:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5933

Products

Pricing

Contact Us