Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2019-8938

Published: 21/03/2019 Updated: 25/03/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vertrigoserv project vertrigoserv 2.17

Exploits

Exploit DB: VertrigoServ 2.17 Cross Site Scripting
VertrigoServ version 217 suffers from a cross site scripting vulnerability ...

Mailing Lists

Full Disclosure: [CVE-2019-8938] Cross Site Scripting in VertrigoServ 2.17
<!-- # Exploit Title: Cross Site Scripting in VertrigoServ 217 # Date: 17-02-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: vertrigosfnet # Software Link: vertrigosfnet # Version: VertrigoServ 217 # Tested on: All # CVE : CVE-2019-8938 # Category: webapps 1 Description VertrigoServ 217 allows XSS via the /inc/ex ...

References

CWE-79https://sourceforge.net/p/vertrigo/news/http://seclists.org/fulldisclosure/2019/Feb/47http://packetstormsecurity.com/files/151800/VertrigoServ-2.17-Cross-Site-Scripting.htmlhttps://nvd.nist.govhttp://seclists.org/fulldisclosure/2019/Feb/47
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572CVE-2024-24919CVE-2024-0230CVE-2024-32714HTML injectionlocal file inclusionCVE-2024-31098CVE-2024-31244privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook