CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-8069

Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2) PATH_INFO to index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.com/files/128641/Pagekit-0.8.7-Cross-Site-Scripting-Open-Redirect.html
http://packetstormsecurity.com/files/128641/Pagekit-0.8.7-Cross-Site-Scripting-Open-Redirect.html

Products affected by CVE-2014-8069

Yootheme » Pagekit » Version: 0.8.7

cpe:2.3:a:yootheme:pagekit:0.8.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8069

Products

Pricing

Contact Us