Published: 31/12/2004 Updated: 29/07/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote malicious users to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module.

Vulnerable Product	Search on Vulmon	Subscribe to Product
endonesia endonesia 8.3

source: wwwsecurityfocuscom/bid/10856/info It is reported that eNdonesia is susceptible to a cross-site scripting vulnerability This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated web content As a result of this vulnerability, it is possible for a rem ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/370855 http://echo.or.id/adv/adv02-y3dips-2004.txt http://www.securityfocus.com/bid/10856 http://www.securityfocus.com/bid/8506 http://securitytracker.com/id?1010864 http://secunia.com/advisories/12231 https://exchange.xforce.ibmcloud.com/vulnerabilities/13041 https://nvd.nist.gov https://www.exploit-db.com/exploits/24348/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2670

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect