Vulnerability Details CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.8%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
- http://packetstormsecurity.com/files/149841/LANGO-Codeigniter-Multilingual-Script-1.0-Cross-Site-Scripting.html
- https://www.exploit-db.com/exploits/45672/
- http://packetstormsecurity.com/files/149841/LANGO-Codeigniter-Multilingual-Script-1.0-Cross-Site-Scripting.html
- https://www.exploit-db.com/exploits/45672/