CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-8349

Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.098

EPSS Ranking 92.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.securityfocus.com/archive/1/537018/100/0/threaded
https://www.htbridge.com/advisory/HTB23273
http://www.securityfocus.com/archive/1/537018/100/0/threaded
https://www.htbridge.com/advisory/HTB23273

Products affected by CVE-2015-8349

Gameconnect » Sourcebans » Version: 1.4.11

cpe:2.3:a:gameconnect:sourcebans:1.4.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8349

Products

Pricing

Contact Us