CVE-2009-2162

Published Jun 22, 2009

Last updated 8 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the XOOPS MANIAC PukiWikiMod module 1.6.6.2 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B5043DC-1598-474D-857A-A555F2FD1314",
            "versionEndIncluding": "1.6.6.2"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97824B66-C39D-475D-A429-62BC7635CC2E"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FA2C9B8-6E67-4CA3-92D3-F7822E9E2347"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02F33879-778C-4005-AFCD-E30227389D4E"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC947603-0A55-4FDA-A8C5-22B67531800A"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.5.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D68E1C9-C9EB-41F9-A889-AC01D2B2A1B7"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.5.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1937262-41C4-4C7F-9BDB-B8028736450E"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A0FE1DF-6FB2-49BA-A0BD-B22D91CCB939"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16D47500-E9C6-48A8-9EFC-47C3809748F5"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76E8153D-DEF7-4DC8-B19B-9F6D3DEEEB1C"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93AF50CC-8D82-44F9-8607-80C4C4652CC5"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50CB588C-30AA-4E24-8DCA-5006C5C4FAA9"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28566651-CBF5-4CEF-A3CF-FD83B5EB8A34"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E26C76E9-E130-4EA7-B6DF-B408BC15839F"
          },
          {
            "criteria": "cpe:2.3:a:ishii:pukiwikimod:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7BEEB3E-F7F6-466A-9622-A8D648CBA832"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:xoops:xoops:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB325E21-BD1E-4C12-B3B1-7210AFFD1235"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References