Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4174

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4174
Last Modified 23 Sep 2008 12:00:00
Published 23 Sep 2008 11:25:42
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4174

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters.

Vulnerable Systems

Application

  • Benjamin Kuz Dynamic Mp3 Lister 2.0.1


References

XF - dynamicmp3lister-index-xss(45111)

BID - 31151

MISC - http://packetstormsecurity.org/0809-exploits/dynamicmp3-xss.txt


Last Updated: 27 May 2016 10:48:24