Information disclosure

2009-03-1310:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.7%

JSON

Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to “javascript insert” and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
clansphereeq2007.4.3
clanspherele2008
clansphereeq2007.4
clansphereeq2007.4.4
clansphereeq2007.4.1
clansphereeq2007.4.2
clansphereeq2007.3.1

Name	Operator	Version
clansphere	eq	2007.4.3
clansphere	le	2008
clansphere	eq	2007.4
clansphere	eq	2007.4.4
clansphere	eq	2007.4.1
clansphere	eq	2007.4.2
clansphere	eq	2007.3.1

References

osvdb.org/48451

secunia.com/advisories/31965

sourceforge.net/project/shownotes.php?release_id=627530

www.clansphere.net/index/news/view/id/289

www.clansphere.net/index/news/view/id/306

www.securityfocus.com/bid/31293

exchange.xforce.ibmcloud.com/vulnerabilities/45269