Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6637

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-6637
Last Modified 19 Aug 2009 01:24:12
Published 07 Apr 2009 10:17:17
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6637

Summary

Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and (2) email parameters.

Vulnerable Systems

Application

  • Libraryvideocompany Safari Montage 3.1.3


References

XF - safarimontage-forgotpw-xss(42598)

VUPEN - ADV-2008-1652

BID - 29343

MISC - http://www.digitrustgroup.com/advisories/web-application-security-safari-montage.html

SECUNIA - 30363

OSVDB - 45646


Last Updated: 27 May 2016 10:49:16