Sign in
CVE-2003-1204
CVE-2003-1204
Description
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php.
Impact
CVSS v2 : 6.8 MEDIUM
Type
NVD-CWE-Other
Attack Vector
CVSSv2 Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P
Quick links
CVE
,
NVD
,
CERT
,
Metasploit
,
Exploit-db
,
Fulldisc
,
Bugtraq
,
Microsoft
,
Red Hat
,
Debian
, GitHub
code
/
issues
,
Google
References
http://www.osvdb.org/7495
http://www.osvdb.org/7496
http://www.osvdb.org/7497
http://www.osvdb.org/7498
http://www.osvdb.org/7499
http://www.osvdb.org/7500
http://www.osvdb.org/7501
http://www.osvdb.org/7502
http://www.osvdb.org/7503
http://www.osvdb.org/7504
http://www.osvdb.org/7505
http://www.securityfocus.com/archive/1/306206
http://www.securityfocus.com/bid/6571
https://exchange.xforce.ibmcloud.com/vulnerabilities/11050
FAQ
Terms of service
Privacy policy
