Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2007-5803

Published: 13/05/2008 Updated: 29/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Nagios

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios prior to 2.12 might allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.

Vulnerable Product Search on Vulmon Subscribe to Product

nagios nagios 1.1

nagios nagios 1.2

nagios nagios 2.0b4

nagios nagios 2.0b5

nagios nagios 2.2

nagios nagios 2.3

nagios nagios 1.0b3

nagios nagios 1.0b4

nagios nagios 1.4.1

nagios nagios 2.0

nagios nagios 2.0b1

nagios nagios 2.0rc2

nagios nagios 2.1

nagios nagios 2.5

nagios nagios 2.7

nagios nagios 1.0b5

nagios nagios 1.0b6

nagios nagios 2.0b2

nagios nagios 2.0b3

nagios nagios 2.10

nagios nagios 2.11

nagios nagios 2.8

nagios nagios 2.9

nagios nagios 1.0b1

nagios nagios 1.0b2

nagios nagios 1.3

nagios nagios 1.4

nagios nagios 2.0b6

nagios nagios 2.0rc1

nagios nagios 2.3.1

nagios nagios 2.4

Vendor Advisories

Debian CVElist Bug Report Logs: nagios2: CVE-2007-5803 cross-site scripting vulnerabilities
Debian Bug report logs - #482445 nagios2: CVE-2007-5803 cross-site scripting vulnerabilities Package: nagios2; Maintainer for nagios2 is (unknown); Reported by: Nico Golde <nion@debianorg> Date: Thu, 22 May 2008 20:09:01 UTC Severity: important Tags: patch, security Fixed in version nagios2/26-2+etch4 Done: Giuseppe Iu ...
Debian Security Advisories: DSA-1883-1 nagios2 -- missing input sanitising
Several vulnerabilities have been found in nagios2, a host/service/network monitoring and management system The Common Vulnerabilities and Exposures project identifies the following problems: Several cross-site scripting issues via several parameters were discovered in the CGI scripts, allowing attackers to inject arbitrary HTML code In order to ...

References

CWE-79http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.htmlhttp://secunia.com/advisories/30202http://sourceforge.net/project/shownotes.php?release_id=600377http://sourceforge.net/project/shownotes.php?release_id=600377&group_id=26589http://www.securityfocus.com/bid/29140http://secunia.com/advisories/30283http://www.vupen.com/english/advisories/2008/1567/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/42522https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482445https://nvd.nist.govhttps://www.debian.org/security/./dsa-1883
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook