admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2004/CVE-2004-02xx/CVE-2004-0248.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

133 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2004-0248",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-11-23T05:00:00.000",
"lastModified": "2024-11-20T23:48:05.887",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados en PHPX 3.2.3 permite que atacantes remotos ejecuten script arbirtrario como otros usuarios inyectando HTML arbitrario o script dentro de los argumentos: (1) \"keywords\" de main.inc.php, (2) \"body\" de help.inc.php o (3) el campo asunto de Personal Messages and Forum"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"baseScore": 6.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpx:phpx:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A692A925-E22A-4A35-96F8-8F9E123B44E0"
}
]
}
]
}
],
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=107586932324901&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/10797/",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/9569",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15050",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15051",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=107586932324901&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/10797/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/9569",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15050",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15051",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nPHPX, PHPX, 3.2.4"
}
Reference in New Issue View Git Blame Copy Permalink