Vulnerability Details CVE-2008-6571
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://linpha.cvs.sourceforge.net/linpha/linpha/ChangeLog?view=markup
- http://osvdb.org/50225
- http://osvdb.org/50226
- http://osvdb.org/50227
- http://secunia.com/advisories/29724
- http://linpha.cvs.sourceforge.net/linpha/linpha/ChangeLog?view=markup
- http://osvdb.org/50225
- http://osvdb.org/50226
- http://osvdb.org/50227
- http://secunia.com/advisories/29724
Products affected by CVE-2008-6571
-
cpe:2.3:a:linpha:linpha:*
-
cpe:2.3:a:linpha:linpha:0.9.0
-
cpe:2.3:a:linpha:linpha:0.9.1
-
cpe:2.3:a:linpha:linpha:0.9.2
-
cpe:2.3:a:linpha:linpha:0.9.3
-
cpe:2.3:a:linpha:linpha:0.9.4
-
cpe:2.3:a:linpha:linpha:1.0
-
cpe:2.3:a:linpha:linpha:1.1.0
-
cpe:2.3:a:linpha:linpha:1.1.1
-
cpe:2.3:a:linpha:linpha:1.2.0
-
cpe:2.3:a:linpha:linpha:1.3.0
-
cpe:2.3:a:linpha:linpha:1.3.1
-
cpe:2.3:a:linpha:linpha:1.3.2