CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-5176

Multiple cross-site scripting (XSS) vulnerabilities in search.php in Banana Dance, possibly B.1.5 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) category parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.bananadance.org/Program-News/Minor-Update-and-New-Theme
http://www.doyoubananadance.com/Program-News/Important-Notice-About-SQLi-Exploit
http://www.bananadance.org/Program-News/Minor-Update-and-New-Theme
http://www.doyoubananadance.com/Program-News/Important-Notice-About-SQLi-Exploit

Products affected by CVE-2011-5176

Bananadance » Banana Dance » Version: 0.9

cpe:2.3:a:bananadance:banana_dance:0.9
Bananadance » Banana Dance » Version: 1.5

cpe:2.3:a:bananadance:banana_dance:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5176

Products

Pricing

Contact Us