Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 23/03/2010 Updated: 23/03/2010

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote malicious users to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) in a noentryid action. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
uiga business portal

# Exploit Title: Uiga Business Portal SQL/ XSS Vulnerability # Date: 8/2/2010 # Author: Sioma Labs # Site : wwwscriptdevelopersnet # Software Link: wwwscriptdevelopersnet/download/uigapersonalportalzip # Version: N/A # Tested on: Linux OS = Cent OS 54 Server = Apache/223 SQLDB = MYSQL v5077 Windows OS = Win ...

CWE-79 http://www.vupen.com/english/advisories/2010/0317 http://secunia.com/advisories/38430 http://www.exploit-db.com/exploits/11357 https://nvd.nist.gov https://www.exploit-db.com/exploits/11357/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1048

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect