Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2967


Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2967
Last Modified 29 Jan 2009 01:51:51
Published 02 Jul 2008 01:14:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site scripting (XSS) vulnerabilities in Academic Web Tools (AWT YEKTA), and and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to login.php and the (2) glb_sid parameter to hta/htmlarea.js.php, and allow remote authenticated users to inject arbitrary web script or HTML via an unspecified field in room.php.

Vulnerable Systems


  • Yektaweb Academic Web Tools


XF - academicwebtools-multiple-xss(43178)

BID - 29813

BUGTRAQ - 20080619 Academic Web Tools CMS <= Multiple Vulnerabilities


SREASON - 3959

SECUNIA - 30763

Last Updated: 27 May 2016 10:48:02