Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5027

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2010-5027
Last Modified 04 Jul 2013 03:14:04
Published 02 Nov 2011 05:55:16
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2010-5027

Summary

Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Sfiab Science Fair In A Box 2.0.6

  • Sfiab Science Fair In A Box 2.2.0


References

XF - sciencefairinabox-winners-xss(59283)

BID - 40743

OSVDB - 65419

EXPLOIT-DB - 13801

SECUNIA - 40170

MISC - http://packetstormsecurity.org/1006-exploits/fairinabox-sqlxss.txt

SREASON - 8516


Last Updated: 27 May 2016 10:58:14