Lucene search

[email protected]CVE-2015-2244

HistoryOct 03, 2022 - 4:16 p.m.

CVE-2015-2244

2022-10-0316:16:12

CWE-79

[email protected]

web.nvd.nist.gov

cve-2015-2244

cross-site scripting

xss

webshop hun

remote attackers

html injection

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun 1.062S allow remote attackers to inject arbitrary web script or HTML via the (1) param, (2) center, (3) lap, (4) termid, or (5) nyelv_id parameter to index.php.

Affected configurations

NVD

Node

webshophunwebshop_hunMatch1.062s

CPENameOperatorVersion
webshophun:webshop_hunwebshophun webshop huneq1.062s

CPE	Name	Operator	Version
webshophun:webshop_hun	webshophun webshop hun	eq	1.062s

References

packetstormsecurity.com/files/130648/Webshop-Hun-1.062S-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2015/Mar/25

tetraph.com/security/xss-vulnerability/webshop-hun-v1-062s-xss-cross-site-scripting-security-vulnerabilities/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Related for CVE-2015-2244

nvd1 prion1 cvelist1 openvas1