CVE-2003-1539

Sažetak

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

Reference

http://secunia.com/advisories/8257
http://sourceforge.net/project/shownotes.php?release_id=144274
http://sourceforge.net/tracker/index.php?func=detail&aid=695597&group_id=60333&atid=493842
http://www.securityfocus.com/bid/7035

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:37

Objavljeno

31-12-2003 - 05:00