Lucene search
MitreCVE-2010-3977HistoryNov 03, 2010 - 1:37 p.m.
CVE-2010-3977
2010-11-0313:37:09
CWE-79
mitre
web.nvd.nist.gov
33
cve
2010
3977
xss
vulnerabilities
cforms
wordpress plugin
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
71.2%
Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
Affected configurations
Node
deliciousdayscformsMatch11.5
wordpresswordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| deliciousdays | cforms | 11.5 | cpe:2.3:a:deliciousdays:cforms:11.5:*:*:*:*:*:*:* |
| wordpress | wordpress | * | cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* |
Related
nessus
nessus
cformsII Plugin for WordPress 'rs' Parameter XSS
2010-11-08 00:00:00
seebug
seebug
WordPress cformsIIζδ»Άrsεrsargsεζ°θζ¬ζ³¨ε
₯ζΌζ΄
2010-11-03 00:00:00
prion
prion
Cross site scripting
2010-11-03 13:37:00
packetstorm
packetstorm
cforms WordPress Plugin Cross Site Scripting
2010-11-02 00:00:00
jvn
jvn
JVN#35256978: cforms II vulnerable to cross-site scripting
2012-02-15 00:00:00
patchstack
patchstack
securityvulns
securityvulns
wpvulndb
wpvulndb
Cforms <= 13.1 - 'lib_ajax.php' Cross-Site Scripting (XSS)
2010-11-01 00:00:00
checkpoint_advisories
checkpoint_advisories
exploitdb
exploitdb
nvd
nvd
CVE-2010-3977
2010-11-03 13:37:09
openvas
openvas
cvelist
cvelist
CVE-2010-3977
2010-11-03 01:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
71.2%
Related for CVE-2010-3977