Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0338

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0338
Last Modified 29 Jan 2009 12:00:00
Published 29 Jan 2009 01:30:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0338

Summary

Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action.

Vulnerable Systems

Application

  • Dmxready Blog Manager Nil


References

XF - blogmanager-incwebblogmanager-xss(48053)

BID - 33314

BUGTRAQ - 20090116 DMXReady Blog Manager (SQL/XSS)

SECUNIA - 33601

MISC - http://dmxready.helpserve.com/index.php?_m=news&_a=viewnews&newsid=12


Last Updated: 27 May 2016 10:50:12