CVE-2010-4745
Published Feb 21, 2011
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the query string.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FF0CDA8-4F44-44A3-BE8A-EA94FB5A7B80",
"versionEndIncluding": "0.7"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C645BB95-97FE-4065-B4E5-56656DC8B763"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10048484-D504-4A94-A909-D56388A47780"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55A89EAE-D4E3-4362-AA2B-5FC9C109E947"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD89FF4B-9E8D-4406-AC6E-CCFE1AE9ED06"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0E04D56-AA17-496B-BE4B-D1C9449C5A50"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA54DF9D-6B8E-4320-A2B0-586629ACADA9"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26100B0C-E4EF-47B4-A923-DD6F562A0235"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F350391A-AECD-4E18-A28D-67DAC1BC0FD6"
},
{
"criteria": "cpe:2.3:a:gareth_watts:phpxref:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3D44469-7BB8-4D05-8590-CF3EBE281DFB"
}
],
"operator": "OR"
}
]
}
]