CVE-2008-2126
published 2008-05-09CVE-2008-2126: Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to…
PriorityP416medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.50%
71.0th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to index.php and the (2) returnURL parameter to tux-login.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tux_cms | tux_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=121019103418967&w=2http://osvdb.org/44917http://secunia.com/advisories/30121http://www.securityfocus.com/bid/29090https://exchange.xforce.ibmcloud.com/vulnerabilities/42252http://marc.info/?l=bugtraq&m=121019103418967&w=2http://osvdb.org/44917http://secunia.com/advisories/30121http://www.securityfocus.com/bid/29090https://exchange.xforce.ibmcloud.com/vulnerabilities/42252
2008-05-09
Published