Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3434

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-3434
Last Modified 16 Aug 2012 12:00:00
Published 15 Aug 2012 05:55:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3434

Summary

Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php in the Count Per Day module before 3.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) datemin, or (3) datemax parameter.

Vulnerable Systems

Application

  • Tom Braider Count Per Day 1.0

  • Tom Braider Count Per Day 1.1

  • Tom Braider Count Per Day 1.2

  • Tom Braider Count Per Day 1.2.1

  • Tom Braider Count Per Day 1.2.2

  • Tom Braider Count Per Day 1.2.3

  • Tom Braider Count Per Day 1.3

  • Tom Braider Count Per Day 1.4

  • Tom Braider Count Per Day 1.5

  • Tom Braider Count Per Day 1.5.1

  • Tom Braider Count Per Day 2.0

  • Tom Braider Count Per Day 2.1

  • Tom Braider Count Per Day 2.10

  • Tom Braider Count Per Day 2.10.1

  • Tom Braider Count Per Day 2.11

  • Tom Braider Count Per Day 2.12

  • Tom Braider Count Per Day 2.13

  • Tom Braider Count Per Day 2.13.1

  • Tom Braider Count Per Day 2.14

  • Tom Braider Count Per Day 2.15

  • Tom Braider Count Per Day 2.15.1

  • Tom Braider Count Per Day 2.16

  • Tom Braider Count Per Day 2.16.1

  • Tom Braider Count Per Day 2.17

  • Tom Braider Count Per Day 2.2

  • Tom Braider Count Per Day 2.3

  • Tom Braider Count Per Day 2.3.1

  • Tom Braider Count Per Day 2.4

  • Tom Braider Count Per Day 2.4.2

  • Tom Braider Count Per Day 2.5

  • Tom Braider Count Per Day 2.6

  • Tom Braider Count Per Day 2.7

  • Tom Braider Count Per Day 2.8

  • Tom Braider Count Per Day 2.9

  • Tom Braider Count Per Day 3.0

  • Tom Braider Count Per Day 3.1


References

CONFIRM - http://www.tomsdimension.de/wp-plugins/count-per-day

OSVDB - 83491

MLIST - [oss-security] 20120727 Re: CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015)

MLIST - [oss-security] 20120724 CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015)

MISC - http://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt

SECUNIA - 49692

CONFIRM - http://plugins.trac.wordpress.org/changeset/571926/count-per-day


Last Updated: 27 May 2016 10:49:40