PT-2009-5597 · Php+2 · Php Rss Builder+5

Takayoshi Isayama

Publicado

2009-09-22

Atualizado

2009-09-22

CVE-2009-3283

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions phpspot PHP BBS versions prior to 20090914 PHP Image Capture BBS versions prior to 20090914 PHP & CSS BBS versions prior to 20090914 PHP BBS CE versions prior to 20090914 PHP RSS Builder versions prior to 20090914 webshot versions prior to 20090914

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to cookies.

Recommendations For phpspot PHP BBS versions prior to 20090914, update to a version released after 20090914. For PHP Image Capture BBS versions prior to 20090914, update to a version released after 20090914. For PHP & CSS BBS versions prior to 20090914, update to a version released after 20090914. For PHP BBS CE versions prior to 20090914, update to a version released after 20090914. For PHP RSS Builder versions prior to 20090914, update to a version released after 20090914. For webshot versions prior to 20090914, update to a version released after 20090914.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2009-3283

Produtos afetados

Php & Css Bbs

Php Bbs Ce

Php Image Capture Bbs

Php Rss Builder

Phpspot Php Bbs

Webshot

PT-2009-5597 · Php+2 · Php Rss Builder+5

CVE-2009-3283

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5