Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2009-3247
HistorySep 18, 2009 - 8:30 p.m.

CVE-2009-3247

2009-09-1820:30:00
CWE-79
mitre
web.nvd.nist.gov
31
cve-2009-3247
cross-site scripting
xss
vtiger crm
nvd
security advisory

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.008

Percentile

81.2%

JSON

Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: the query_string vector is already covered by CVE-2008-3101.3.

Affected configurations

Nvd
Node
vtigervtiger_crmMatch5.0.4
VendorProductVersionCPE
vtigervtiger_crm5.0.4cpe:2.3:a:vtiger:vtiger_crm:5.0.4:*:*:*:*:*:*:*

Related

nvd 2
prion 2
cvelist 2
openvas 1
exploitdb 2
securityvulns 2
seebug 1
packetstorm 1
cve 1
nvd
nvd
CVE-2009-3247
2009-09-18 20:30:00
CVE-2008-3101
2008-09-03 14:12:00
prion
prion
Cross site scripting
2009-09-18 20:30:00
Cross site scripting
2008-09-03 14:12:00
cvelist
cvelist
CVE-2009-3247
2009-09-18 20:00:00
CVE-2008-3101
2008-09-03 14:00:00
openvas
openvas
vtiger CRM Multiple Input Validation Vulnerabilities
2011-03-07 00:00:00
exploitdb
exploitdb
vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting
2009-08-18 00:00:00
vTiger CRM 5.0.4 - Multiple Cross-Site Scripting Vulnerabilities
2008-09-01 00:00:00
securityvulns
securityvulns
Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101
2008-09-02 00:00:00
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2008-09-02 00:00:00
seebug
seebug
vtiger CRM倚δΈͺθ·¨η«™θ„šζœ¬ζΌζ΄ž
2008-09-10 00:00:00
packetstorm
packetstorm
vtigercrm-xss.txt
2008-09-03 00:00:00
cve
cve
CVE-2008-3101
2008-09-03 14:12:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.008

Percentile

81.2%

JSON
Related for CVE-2009-3247
nvd2prion2cvelist2openvas1exploitdb2securityvulns2seebug1packetstorm1cve1