CVE-2010-3070
published 2010-09-28CVE-2010-3070: Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or…
PriorityP424medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
6.16%
92.6th percentile
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nusoap | < nusoap 0.7.3-4 (bookworm) | nusoap 0.7.3-4 (bookworm) |
| dietrich_ayala | nusoap | — | — |
| nusoap | nusoap | >= 0 < 0.7.3-4 | 0.7.3-4 |
| nusoap | nusoap | >= 0 < 0.7.3-4 | 0.7.3-4 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fg9p-q5pm-9gpr: Cross-site scripting (XSS) vulnerability in NuSOAP 0
ghsa_unreviewed·2022-05-17
CVE-2010-3070 [MEDIUM] CWE-79 GHSA-fg9p-q5pm-9gpr: Cross-site scripting (XSS) vulnerability in NuSOAP 0
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
OSV
CVE-2010-3070: Cross-site scripting (XSS) vulnerability in NuSOAP 0
osv·2010-09-28·CVSS 4.3
CVE-2010-3070 [MEDIUM] CVE-2010-3070: Cross-site scripting (XSS) vulnerability in NuSOAP 0
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
Red Hat
php-nusoap: XSS vulnerability due improper escaping of URLs
vendor_redhat·2010-08-31·CVSS 4.3
CVE-2010-3070 [MEDIUM] CWE-79 php-nusoap: XSS vulnerability due improper escaping of URLs
php-nusoap: XSS vulnerability due improper escaping of URLs
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
Debian
CVE-2010-3070: nusoap - Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT an...
vendor_debian·2010·CVSS 4.3
CVE-2010-3070 [MEDIUM] CVE-2010-3070: nusoap - Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT an...
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
Scope: local
bookworm: resolved (fixed in 0.7.3-4)
bullseye: resolved (fixed in 0.7.3-4)
Suricata
ET WEB_SPECIFIC_APPS Cyberfolio css.php theme Parameter Local File Inclusion
suricata·2010-07-30·CVSS 6.8
CVE-2008-6265 [MEDIUM] ET WEB_SPECIFIC_APPS Cyberfolio css.php theme Parameter Local File Inclusion
ET WEB_SPECIFIC_APPS Cyberfolio css.php theme Parameter Local File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Cyberfolio css.php theme Parameter Local File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/portfolio/css.php?"; fast_pattern; nocase; content:"theme="; nocase; http.uri.raw; url_decode; content:"|2e 2e 2f|"; reference:cve,CVE-2008-6265; reference:url,milw0rm.com/exploits/7065; reference:url,vupen.com/english/advisories/2008/3070; reference:bugtraq,32218; classtype:web-application-attack; sid:2009764; rev:9; metadata:affected_product Web_Server_Applications, attack_target Server, created_at 2010_07_30, deployment Perimeter, deployment Internal, deployment Datacenter, confidence High, signat
Bugzilla
CVE-2010-3070 CVE-2010-2574 CVE-2010-3303 mantis various flaws [fedora-all]
bugzilla·2010-09-15·CVSS 2.1
CVE-2010-3070 [LOW] CVE-2010-3070 CVE-2010-2574 CVE-2010-3303 mantis various flaws [fedora-all]
CVE-2010-3070 CVE-2010-2574 CVE-2010-3303 mantis various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=633011
Please note: this issue affects multipl
Bugzilla
CVE-2010-3303 mantis: several XSS flaws fixed in 1.2.3
bugzilla·2010-09-15·CVSS 2.1
CVE-2010-3303 [LOW] CVE-2010-3303 mantis: several XSS flaws fixed in 1.2.3
CVE-2010-3303 mantis: several XSS flaws fixed in 1.2.3
Upstream MantisBT has released [1] version 1.2.3 which corrects a number of XSS flaws. Two already have CVE names: CVE-2010-3070 and CVE-2010-2574. There are an additional four issues currently without CVE names.
From the changelog [1]:
- 0012312: [security] NuSOAP WSDL XSS (cross-site scripting vulnerability) in Mantis 1.2.2 (CVE-2010-3070)
- 0012230: [security] XSS vulnerability when deleting maliciously named categories (CVE-2010-2574)
- 0012231: [security] XSS vulnerability when uninstalling maliciously named plugins
- 0012232: [security] Multiple XSS issues with custom field enumeration values
- 0012234: [security] XSS issues when using custom field String values
- 0012238: [security] XSS in print_all_bug_page_word.php when pri
Bugzilla
Mantis: Vulnerable to CVE-2010-3070 (XSS in php-nusoap) due use of embedded copy of nusoap library
bugzilla·2010-09-12·CVSS 4.3
CVE-2010-3070 [MEDIUM] Mantis: Vulnerable to CVE-2010-3070 (XSS in php-nusoap) due use of embedded copy of nusoap library
Mantis: Vulnerable to CVE-2010-3070 (XSS in php-nusoap) due use of embedded copy of nusoap library
An XSS flaw has been reported against NuSOAP (original report against Mantis)
[1] http://www.mantisbt.org/bugs/view.php?id=12312
Report against NuSOAP:
[2] http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005
David Hicks of Mantis community provided a temporary fix:
[3] http://git.mantisbt.org/?p=mantisbt.git;a=commit;h=edb817991b99cd5538f102be26865fde7c6b7212
till the issue is addressed on NuSOAP side. The versions of php-nusoap
packages, as shipped with Fedora release of 12 and 13 has been already
updated:
[4] https://bugzilla.redhat.com/show_bug.cgi?id=629585
[5] https://bugzilla.redhat.com/show_bug.cgi?id=629585#c2
[6] https://bugzilla.redhat.com/show_bug.cgi?id=62
Bugzilla
CVE-2010-3070 php-nusoap: XSS vulnerability due improper escaping of URLs
bugzilla·2010-09-02·CVSS 4.3
CVE-2010-3070 [MEDIUM] CVE-2010-3070 php-nusoap: XSS vulnerability due improper escaping of URLs
CVE-2010-3070 php-nusoap: XSS vulnerability due improper escaping of URLs
Bogdan Calin at at Acunetix discovered a XSS vulnerability in NuSOAP 0.9.5
All details in:
http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005
Discussion:
An patch is provided at:
http://www.mantisbt.org/bugs/view.php?id=12312
---
php-nusoap-0.9.5-1.fc12 has been submitted as an update for Fedora 12.
https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc12
---
php-nusoap-0.9.5-1.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc13
---
php-nusoap-0.9.5-1.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc14
---
php-nusoap-0.9.5-1.el5 has been submitted as
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595248http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blob%3Bf=debian/patches/595248.patch%3Bh=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=268f03b88c6900d1a87b17734c248c705c22cb07http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blobdiff%3Bf=debian/patches/595248.patch%3Bh=11202fa70433b62aeab7dfc68af668329bc0fe7e%3Bhp=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=3ac7a26a49086c6b91fb79e5acafcfcdc5d6980a%3Bhpb=268f03b88c6900d1a87b17734c248c705c22cb07http://git.mantisbt.org/?p=mantisbt.git%3Ba=commit%3Bh=edb817991b99cd5538f102be26865fde7c6b7212http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048317.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048325.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.htmlhttp://secunia.com/advisories/41653http://sourceforge.net/mailarchive/message.php?msg_name=4C8FC573.3060900%40leetcode.nethttp://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005http://www.mantisbt.org/bugs/changelog_page.php?version_id=111http://www.mantisbt.org/bugs/view.php?id=12312http://www.openwall.com/lists/oss-security/2010/09/03/2http://www.openwall.com/lists/oss-security/2010/09/07/4http://www.openwall.com/lists/oss-security/2010/09/14/12http://www.openwall.com/lists/oss-security/2010/09/14/13http://www.securityfocus.com/bid/42959http://www.vupen.com/english/advisories/2010/2535https://bugzilla.redhat.com/show_bug.cgi?id=629585https://bugzilla.redhat.com/show_bug.cgi?id=633011http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595248http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blob%3Bf=debian/patches/595248.patch%3Bh=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=268f03b88c6900d1a87b17734c248c705c22cb07http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blobdiff%3Bf=debian/patches/595248.patch%3Bh=11202fa70433b62aeab7dfc68af668329bc0fe7e%3Bhp=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=3ac7a26a49086c6b91fb79e5acafcfcdc5d6980a%3Bhpb=268f03b88c6900d1a87b17734c248c705c22cb07http://git.mantisbt.org/?p=mantisbt.git%3Ba=commit%3Bh=edb817991b99cd5538f102be26865fde7c6b7212http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048317.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048325.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.htmlhttp://secunia.com/advisories/41653http://sourceforge.net/mailarchive/message.php?msg_name=4C8FC573.3060900%40leetcode.nethttp://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005http://www.mantisbt.org/bugs/changelog_page.php?version_id=111http://www.mantisbt.org/bugs/view.php?id=12312http://www.openwall.com/lists/oss-security/2010/09/03/2http://www.openwall.com/lists/oss-security/2010/09/07/4http://www.openwall.com/lists/oss-security/2010/09/14/12http://www.openwall.com/lists/oss-security/2010/09/14/13http://www.securityfocus.com/bid/42959http://www.vupen.com/english/advisories/2010/2535https://bugzilla.redhat.com/show_bug.cgi?id=629585https://bugzilla.redhat.com/show_bug.cgi?id=633011
2010-09-28
Published