Published: 18/02/2012 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions prior to 3.2.1 allows remote malicious users to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
craig barratt backuppc 3.2.0

BackupPC could be made to expose sensitive information over the network ...

Debian Bug report logs - #646865 backuppc: [PATCH] fix related issue to CVE-2011-3361 in CGI/Viewpm Package: backuppc; Maintainer for backuppc is Debian BackupPC Team <team+pkg-backuppc@trackerdebianorg>; Source for backuppc is src:backuppc (PTS, buildd, popcon) Reported by: Jamie Strandboge <jamie@ubuntucom> Dat ...

Debian Bug report logs - #641450 backuppc: new upstream release fixes security issue Package: backuppc; Maintainer for backuppc is Debian BackupPC Team <team+pkg-backuppc@trackerdebianorg>; Source for backuppc is src:backuppc (PTS, buildd, popcon) Reported by: "Thijs Kinkhorst" <thijs@debianorg> Date: Tue, 13 Sep ...

CWE-79 http://backuppc.cvs.sourceforge.net/viewvc/backuppc/BackupPC/lib/BackupPC/CGI/Browse.pm?r1=1.23&r2=1.24 https://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_backuppc.html http://secunia.com/advisories/46621 http://secunia.com/advisories/44259 http://sourceforge.net/mailarchive/message.php?msg_id=26919997 http://www.securityfocus.com/bid/50406 http://backuppc.cvs.sourceforge.net/viewvc/backuppc/BackupPC/ChangeLog?revision=1.60&view=markup http://ubuntu.com/usn/usn-1249-1 http://www.openwall.com/lists/oss-security/2011/09/14/7 http://www.openwall.com/lists/oss-security/2011/09/13/3 https://exchange.xforce.ibmcloud.com/vulnerabilities/71030 https://usn.ubuntu.com/1249-1/https://nvd.nist.gov

CVE-2011-3361

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect