Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5081

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-5081
Last Modified 29 Feb 2012 12:00:00
Published 17 Feb 2012 07:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-5081

Summary

Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share parameter in a RestoreFile action to index.cgi.

Vulnerable Systems

Application

  • Craig Barratt Backuppc 3.1.0

  • Craig Barratt Backuppc 3.2.1


References

MISC - https://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_backuppc.html

XF - backuppc-index-xss(67170)

OSVDB - 72055

SECUNIA - 44385

BUGTRAQ - 20110428 HTB22965: Multiple XSS vulnerabilities in BackupPC


Last Updated: 27 May 2016 10:58:18