CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Endonesia: >> Endonesia >> 8.3 Security Vulnerabilities

CVE-2004-2670

Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module.

CVSS Score

6.8

EPSS Score

0.105

Published

2004-12-31

CVE-2004-2671

mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive information via certain direct requests, and certain requests with invalid parameter values, which reveal the path in various error messages, as demonstrated by the (1) mod and (2) cid parameters.

CVSS Score

5.0

EPSS Score

0.008

Published

2004-12-31

Page 1

Vulnerabilities

Vulnerable Software

Endonesia: >> Endonesia >> 8.3 Security Vulnerabilities

Products

Pricing

Contact Us