fkie_cve-2010-1482
Vulnerability from fkie_nvd
Published
2010-05-12 16:05
Modified
2024-11-21 01:14
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the backend in CMS Made Simple (CMSMS) before 1.7.1 might allow remote attackers to inject arbitrary web script or HTML via the date_format_string parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77E35FF6-DE6D-451D-B6D6-F42A01174712",
"versionEndIncluding": "1.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B87A7B4D-FB2C-4896-BF22-76F5D16A995E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D76634F-6DC4-49CD-8060-21F2ED17F652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FBFCAD-8850-4804-9B2A-566FDDE39685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C94DE9A2-E9AA-43BC-8D1F-EFA97722C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:beta5:*:*:*:*:*:*",
"matchCriteriaId": "0B2004E5-1AC3-4EDF-B160-F258769040D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:beta6:*:*:*:*:*:*",
"matchCriteriaId": "C097A9F3-96A3-4893-944E-8AF89D37CED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCBA3A6-3776-470D-BFC7-E4836D2A586F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7F327F-CA20-47C1-BF99-AB4A439EAB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "04796760-3ED2-4B65-B571-6685916A8130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6B7A5E24-6619-45E5-8020-3176B53E39C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:beta2:*:*:*:*:*:*",
"matchCriteriaId": "23EC4CE4-70A6-4CF8-8725-B7B811702854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5C6034-A597-41A6-9F1A-F3DAB63DF31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE3B4A8-9C8A-46D2-A8EB-49FD3533ED3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:beta1:*:*:*:*:*:*",
"matchCriteriaId": "146A6076-43F1-44C5-B111-29715C7A21C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:beta2:*:*:*:*:*:*",
"matchCriteriaId": "4FCCAF43-71C3-4AC5-A094-9F6F2DE281D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:beta3:*:*:*:*:*:*",
"matchCriteriaId": "71FD39E0-75EE-4735-97B5-2AE12C16B63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43F7E5BD-553E-4731-BED1-7E7DB772AD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "5CF35F3A-634C-4C36-B3E6-F1208F9D01F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "0349FD9D-06E4-4B17-8360-003111D16A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "E2D0D697-D088-40B1-8D80-B881A7530006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7F29A39F-4D8A-4683-8561-8C77B17005F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "E6C93E33-ABC4-434F-AF93-F8F697D5D62A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "36B57E13-2F90-49DD-988F-8A7F776536ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BF3B2C-1909-4CCF-A487-6378615D6A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2946B5-8AAF-4386-8C31-7D291C31BB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB06C16-336C-4D85-84F6-24F079A2B144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB1C531-AA30-4B89-A8BF-744B053B4983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0AE7F4-49F8-443A-9C8F-2F1C42F46713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0203A997-A077-4A8A-A3FE-CA9D10FF43AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AAB099-B114-4A99-B086-9BA7866D4E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "942BF218-1898-4135-9CA9-FAE4F091C883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "574E610A-4799-45C9-B005-C1593B033AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "ACB091A6-5B3A-4C2B-9CD8-3C59549772EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "ABDA3920-B609-491E-858B-5D9CBC7F1955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "8089FEC3-3E01-4D8E-BACB-6A42781D5151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3B9680-3A66-4508-A318-B9B348FDC222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDADD27-8249-4DE3-A2B5-EE1A3AD73F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87178F45-424A-47D8-BEA5-B8371B722CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49DE10A7-9BC6-4B33-97FC-5FEB44AEAFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FA0450-91E6-4250-A1D1-F2CFBB74A5B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6A607317-26A0-431B-AC83-2637CD2C5561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "CD8C48F5-844F-425D-A577-C0D6D3037F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "29389D5B-96DA-4889-AE13-848CD959414C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7A575B72-7763-4BA4-A1BF-96B31203479A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98D93656-A4D2-44C4-82EC-55C8BE1A7304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEAE47F-5A26-474E-8F7F-72976A8FEBA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E188A80A-980F-4AD8-B3B8-21D303121F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E730A3A8-8A60-4CC5-B167-26984DE0DA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA19F5B2-7C5C-43DD-85ED-E2CD4EF6E748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "778E5678-B763-415E-AA35-EF644E7A2CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7DEC1EBC-1DBA-4350-8B34-7A872C62B6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta2:*:*:*:*:*:*",
"matchCriteriaId": "078B102C-748B-4847-8413-71659982AF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91C39415-8F99-45FB-BE00-1888901BB4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8649F4-1A33-41AE-888F-2D6BB19BCB6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F6D11F61-8D0C-4545-9193-370D6D01ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:beta2:*:*:*:*:*:*",
"matchCriteriaId": "60F2A706-CBF1-42F5-AC04-E68C1981CCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC37F28-C58A-4492-A107-4348ECE9AAFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "206B72EC-895E-4DA0-B41B-AAE41E53C108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5:beta1:*:*:*:*:*:*",
"matchCriteriaId": "A46A8B81-2D8D-431A-832A-4517E9616B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC131029-CE9C-437E-B3D3-7924062E14D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF34A817-09AC-4C7E-916B-1B158C5EE599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20E8FFE1-9431-4146-AFD3-5491F5FE3C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1016173-D980-4909-86C0-81C94711FE27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "068BF668-9626-4CA4-A401-1946DCF916AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA029BD9-1025-4802-BAE2-BEE218715FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9928102A-27E2-4604-93F4-318BA7CDCAFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EECFB4-7001-411F-BBAE-BABD5248E4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40C6F2FA-0518-4B2A-9F05-51897A16AF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A35145EB-E7A7-48EC-91A9-9D423F316712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "589C199E-12F9-41CF-BFE0-4B952B773460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9992D-2EF4-4DBF-898A-6284A074403E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the backend in CMS Made Simple (CMSMS) before 1.7.1 might allow remote attackers to inject arbitrary web script or HTML via the date_format_string parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en admin/editprefs.php en el backend de CMS Made Simple (CMSMS) antes de v1.7.1 podr\u00eda permitir a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro date_format_string."
}
],
"id": "CVE-2010-1482",
"lastModified": "2024-11-21T01:14:31.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-05-12T16:05:02.733",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.cmsmadesimple.org/2010/05/01/announcing-cms-made-simple-1-7-1-escade/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://int21.de/cve/CVE-2010-1482-cmsmadesimple-xss-backend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/511178"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/39997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.cmsmadesimple.org/2010/05/01/announcing-cms-made-simple-1-7-1-escade/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://int21.de/cve/CVE-2010-1482-cmsmadesimple-xss-backend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/511178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/39997"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.