Lucene search
MitreCVE-2010-2040HistoryMay 25, 2010 - 2:30 p.m.
CVE-2010-2040
2010-05-2514:30:01
CWE-79
mitre
web.nvd.nist.gov
32
cve-2010-2040
cross-site scripting
xss vulnerability
v-eva shopzilla affiliate script php
search.php
remote attackers
web script
html
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.005
Percentile
76.0%
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Affected configurations
Node
v-evashopzilla_affiliate_script_php
| Vendor | Product | Version | CPE |
|---|---|---|---|
| v-eva | shopzilla_affiliate_script_php | * | cpe:2.3:a:v-eva:shopzilla_affiliate_script_php:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Shopzilla Affiliate Script PHP - 'search.php' Cross-Site Scripting
2010-05-19 00:00:00
prion
prion
Cross site scripting
2010-05-25 14:30:00
nvd
nvd
CVE-2010-2040
2010-05-25 14:30:01
cvelist
cvelist
CVE-2010-2040
2010-05-25 14:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.005
Percentile
76.0%
Related for CVE-2010-2040