Lucene search

PRIOn knowledge basePRION:CVE-2008-3098

HistorySep 24, 2008 - 2:56 p.m.

Cross site scripting

2008-09-2414:56:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

JSON

Cross-site scripting (XSS) vulnerability in admin/usercheck.php in fuzzylime (cms) before 3.03 allows remote attackers to inject arbitrary web script or HTML via the user parameter to the login form.

CPENameOperatorVersion
fuzzylime_cmseq3.0
fuzzylime_cmseq3.01
fuzzylime_cmseq3.02
fuzzylime_cmseq3.1.97
fuzzylime_cmseq3.1.98

Name	Operator	Version
fuzzylime_cms	eq	3.0
fuzzylime_cms	eq	3.01
fuzzylime_cms	eq	3.02
fuzzylime_cms	eq	3.1.97
fuzzylime_cms	eq	3.1.98

References

cms.fuzzylime.co.uk/st/content/download/

secunia.com/advisories/31980

securityreason.com/securityalert/4303

www.datensalat.eu/~fabian/cve/CVE-2008-3098-fuzzylime-cms.html

www.securityfocus.com/archive/1/496589/100/0/threaded

www.securityfocus.com/bid/31306

www.vupen.com/english/advisories/2008/2650

exchange.xforce.ibmcloud.com/vulnerabilities/45342