cbcvebase.
CVE-2010-2014
published 2010-05-24

CVE-2010-2014: Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or…

PriorityP414medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
0.87%
54.3th percentile
Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter.

Affected

4 ranges
VendorProductVersion rangeFixed in
createch-grouplisk_cms
gnucpio>= 0 < 2.11+dfsg-1ubuntu1.12.11+dfsg-1ubuntu1.1
gnupatch>= 0 < 2.7.1-4ubuntu2.32.7.1-4ubuntu2.3
opensslopenssl>= 0 < 1.0.1f-1ubuntu2.11.0.1f-1ubuntu2.1

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.8MEDIUM
vendor_cisco10.0CRITICAL
vendor_redhat4.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.