Published: 06/09/2012 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 445

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) user, (2) email, (3) email2, (4) f17_zip, or (5) agree parameter to join.php; (6) PATH_INFO, (7) st, (8) f17_city, (9) f17_country, (10) f17_state, (11) f17_zip, (12) f19, (13) wphoto, (14) search, or (15) v parameter to search.php; (16) PATH_INFO or (17) st parameter to photo_search.php; or (18) return parameter to photo_view.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
datemill etano

source: wwwsecurityfocuscom/bid/52295/info Etano is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may allow the at ...

source: wwwsecurityfocuscom/bid/52295/info Etano is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may allow the atta ...

source: wwwsecurityfocuscom/bid/52295/info Etano is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may allow the ...

CWE-79 http://secunia.com/advisories/48165 http://www.osvdb.org/79830 http://www.openwall.com/lists/oss-security/2012/03/05/21 http://www.osvdb.org/79828 http://www.osvdb.org/79827 http://www.securityfocus.com/bid/52295 http://www.osvdb.org/79829 http://archives.neohapsis.com/archives/bugtraq/2012-03/0013.html http://yehg.net/lab/pr0js/advisories/%5Betano_1.2.x%5D_xss http://www.openwall.com/lists/oss-security/2012/03/05/15 https://exchange.xforce.ibmcloud.com/vulnerabilities/73669 https://nvd.nist.gov https://www.exploit-db.com/exploits/36899/

CVE-2012-1110

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect