Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0400

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-0400
Last Modified 07 Mar 2011 10:04:39
Published 23 Jan 2008 07:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0400

Summary

Cross-site scripting (XSS) vulnerability in header.tpl.php in the modern template for Singapore 0.10.1 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter to default.php.

Vulnerable Systems

Application

  • Modern 1.3.2

  • Singapore 0.10.1


References

VUPEN - ADV-2008-0234

BID - 27382

MISC - http://trew.icenetx.net/toolz/advisory-singapore-modern-template.txt

SECUNIA - 28573


Last Updated: 27 May 2016 10:46:47