Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 07/02/2012 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote malicious users to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sphinx-soft mobile web server 3.1.2.47

############################################################################## # # Title : Sphinix Mobile Web Server Multiple Persistent XSS Vulnerabilities # Author : Prabhu S Angadi SecPod Technologies (wwwsecpodcom) # Vendor : wwwsphinx-softcom/MWS/indexhtml # Advisory : secpodorg/blog/?p=453 # secpod ...

CWE-79 http://www.securityfocus.com/bid/51820 http://secpod.org/blog/?p=453 http://secunia.com/advisories/47876 https://exchange.xforce.ibmcloud.com/vulnerabilities/72913 https://nvd.nist.gov https://www.exploit-db.com/exploits/18451/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1005

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect