Vulnerability CVE-2017-12984
Published: 2017-08-21

Description:
PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, admin/message.php, and admin/message_update.php.

See advisories in our WLB2 database:
Topic
Author
Date
Low
PHPMyWind 5.3 Cross-Site Scripting
小雨
22.08.2017

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Phpmywind -> Phpmywind 

 References:
http://www.yuag.org/2016/08/17/phpmywind_5-3%E5%AD%98%E5%82%A8%E5%9E%8Bxss/
Copyright 2024, cxsecurity.com

 

Back to Top