CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-5299

Multiple cross-site scripting (XSS) vulnerabilities in poMMo Aardvark PR16.1 allow remote attackers to inject arbitrary web script or HTML via (1) the referer parameter to index.php, (2) the site_name parameter to admin/setup/config/general.php, (3) the group_name parameter to admin/subscribers/subscribers_groups.php, or (4) the field_name parameter to admin/setup/setup_fields.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v2 Score 4.3

References

https://www.htbridge.com/advisory/HTB22976
https://www.htbridge.com/advisory/HTB22976

Products affected by CVE-2011-5299

Pommo » Pommo-Ardvark » Version: pr16.1

cpe:2.3:a:pommo:pommo-ardvark:pr16.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5299

Products

Pricing

Contact Us