Published: 22/12/2010 Updated: 17/08/2017

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

VMScore: 360

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dmasoftlab radius manager 3.8.0

Check Point Software Technologies - Vulnerability Discovery Team (VDT) wwwcheckpointcom/defense/ Radius Manager Multiple Cross Site Scripting Issues CVE-2010-4275 INTRODUCTION Radius Manager is a centralized way for administration of Mikrotik, Cisco, Chillispot and StarOS routers and wireless access points It has a centralized accou ...

source: wwwsecurityfocuscom/bid/45481/info Radius Manager is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may let the ...

Radius Manager version 380 suffers from a cross site scripting vulnerability ...

CWE-79 http://www.securityfocus.com/bid/45481 http://secunia.com/advisories/42364 http://www.exploit-db.com/exploits/15766 https://exchange.xforce.ibmcloud.com/vulnerabilities/64199 https://nvd.nist.gov https://www.exploit-db.com/exploits/15766/

CVE-2010-4275

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect