Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9522

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-9522
Last Modified 06 Jan 2015 11:55:42
Published 05 Jan 2015 03:59:18
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-9522

Summary

Multiple cross-site scripting (XSS) vulnerabilities in CMS Papoo Light 6.0.0 (Rev 4701) allow remote attackers to inject arbitrary web script or HTML via the (1) author field to guestbook.php or (2) username field to account.php.

Vulnerable Systems

Application

  • Cms Papoo Light 6.0.0


References

BID - 71676

BUGTRAQ - 20141215 Persistent XSS Vulnerability in CMS Papoo Light v6.0.0 Rev. 4701

EXPLOIT-DB - 35551

MISC - http://sroesemann.blogspot.de/2014/12/bericht-zu-advisory-sroeadv-2014-01.html

MISC - http://packetstormsecurity.com/files/129586/CMS-Papoo-6.0.0-Revision-4701-Cross-Site-Scripting.html

OSVDB - 115944


Last Updated: 27 May 2016 11:07:26