Published: 20/01/2011 Updated: 26/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and previous versions, P up board 1.38 and other versions, P diary R 1.13 and previous versions, P link 1.11 and previous versions, P link compact 1.04 and previous versions, pplog 3.31 and previous versions, pplog2 3.37 and previous versions, PM bbs 1.07 and previous versions, PM up bbs 1.08 and previous versions, and PM forum 1.18 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rocomotion p board
rocomotion p diary r
rocomotion p forum
rocomotion p link
rocomotion p link compact
rocomotion p up board
rocomotion pm bbs
rocomotion pm forum
rocomotion pplog
rocomotion pplog 2

CWE-79 http://www.securityfocus.com/bid/45838 http://secunia.com/advisories/42957 http://another.rocomotion.jp/12949466953653.html http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html http://jvn.jp/en/jp/JVN09115481/index.html http://osvdb.org/70495 https://exchange.xforce.ibmcloud.com/vulnerabilities/64745 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3931

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect