Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0426

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-0426
Last Modified 05 Sep 2008 05:35:02
Published 23 Jan 2008 05:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0426

Summary

Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message.

Vulnerable Systems

Application

  • Pacercms 0.6.1


References

BID - 27386

XF - pacercms-submit-xss(39832)

BUGTRAQ - 20080122 PacerCMS Multiple Vulnerabilities (XSS/SQL)

SECUNIA - 28605

CONFIRM - http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/


Last Updated: 27 May 2016 10:46:48