Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3316

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3316
Last Modified 10 Oct 2008 02:00:23
Published 25 Jul 2008 12:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3316

Summary

Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin before 2.7.1 for Geeklog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to (1) public_html/index.php, (2) config.php, and (3) functions.inc.

Vulnerable Systems

Application

  • Portalparts Forum Plugin 2.3.1

  • Portalparts Forum Plugin 2.5


References

XF - forum-search-xss(43971)

BID - 30355

CONFIRM - http://www.geeklog.net/article.php/20080719093147449

SECUNIA - 31188

JVNDB - JVNDB-2008-000045

JVN - JVN#60419863


Last Updated: 27 May 2016 10:48:09