Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-1444

Published: 06/02/2015 Updated: 04/02/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Fli4l

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web administration frontend in the httpd package in fli4l prior to 3.10.1 and 4.0 prior to 2015-01-30 allow remote malicious users to inject arbitrary web script or HTML via the (1) conntrack.cgi, (2) index.cgi, (3) log_syslog.cgi, (4) problems.cgi, (5) status.cgi, (6) status_network.cgi, or (7) status_system.cgi script in admin/.

Vulnerable Product Search on Vulmon Subscribe to Product

fli4l fli4l 4.0

fli4l fli4l

References

CWE-79http://www.fli4l.de/fileadmin/fli4l/security/advisory-FFL-1113.txthttp://seclists.org/oss-sec/2015/q1/381http://seclists.org/oss-sec/2015/q1/376https://exchange.xforce.ibmcloud.com/vulnerabilities/100610https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook