Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5149

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-5149
Last Modified 03 Sep 2012 02:07:41
Published 31 Aug 2012 05:55:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-5149

Summary

Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-settings.php; (3) hostname, (4) domainname, or (5) mailserver parameter to setup-relay.php; or (6) subnetmask or (7) defaultroute parameter to setup-network.php.

Vulnerable Systems

Application

  • Spamtitan 5.08


References

XF - spamtitan-multiple-xss(71942)

MISC - http://www.vulnerability-lab.com/get_content.php?id=91

EXPLOIT-DB - 18261

SECUNIA - 47309

OSVDB - 77989

OSVDB - 77988

OSVDB - 77987


Last Updated: 27 May 2016 11:00:25