Published: 19/07/2011 Updated: 09/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the action parameter to (1) the default URI or (2) includes/javascript.php, or the (3) title or (4) body parameter to admin/help.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
chyrp chyrp
chyrp chyrp 2.1
chyrp chyrp 2.0

source: wwwsecurityfocuscom/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability An attacker may leverage these issues to execute arbitrary script code on an affected computer and in the browse ...

source: wwwsecurityfocuscom/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability An attacker may leverage these issues to execute arbitrary script code on an affected computer and in the browser ...

CWE-79 http://secunia.com/advisories/45184 http://www.justanotherhacker.com/advisories/JAHx113.txt http://www.ocert.org/advisories/ocert-2011-001.html http://www.securityfocus.com/bid/48672 http://osvdb.org/73887 http://osvdb.org/73888 http://osvdb.org/73889 http://securityreason.com/securityalert/8312 https://exchange.xforce.ibmcloud.com/vulnerabilities/68563 http://www.securityfocus.com/archive/1/518890/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/35944/

CVE-2011-2743

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect