Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4893

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2008-4893
Last Modified 24 Oct 2012 12:00:00
Published 03 Nov 2008 07:58:39
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-4893

Summary

Cross-site scripting (XSS) vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the template_path parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Tribiq Cms 5.0.10a


References

XF - tribiq-headerinc-xss(46265)

BID - 32050

SECUNIA - 32548


Last Updated: 27 May 2016 10:48:39