CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-2260

Multiple cross-site scripting (XSS) vulnerabilities in Gambit Design Bandwidth Meter, 0.72 and possibly 1.2, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) view_by_name.php or (2) view_by_ip.php in admin/. NOTE: some sources report that the affected product is ShaPlus Bandwidth Meter, but this is incorrect.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/1001-exploits/bandwidthmeter-xss.txt
http://secunia.com/advisories/38012
http://www.exploit-db.com/exploits/10926
https://exchange.xforce.ibmcloud.com/vulnerabilities/55307
http://packetstormsecurity.org/1001-exploits/bandwidthmeter-xss.txt
http://secunia.com/advisories/38012
http://www.exploit-db.com/exploits/10926
https://exchange.xforce.ibmcloud.com/vulnerabilities/55307

Products affected by CVE-2010-2260

Gambitdesign » Bandwidth Meter » Version: 0.72

cpe:2.3:a:gambitdesign:bandwidth_meter:0.72
Gambitdesign » Bandwidth Meter » Version: 1.2

cpe:2.3:a:gambitdesign:bandwidth_meter:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2260

Products

Pricing

Contact Us