Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, and (5) plugins/stats/stats_view.php.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linpha | Linpha | <= 1.3.2 |
Related Weaknesses (CWE)
References
- http://linpha.cvs.sourceforge.net/linpha/linpha/ChangeLog?view=markup
- http://linpha.sourceforge.net/wiki/index.php/Release_Notes#Version_1.3.3
- http://secunia.com/advisories/29525Vendor Advisory
- http://linpha.cvs.sourceforge.net/linpha/linpha/ChangeLog?view=markup
- http://linpha.sourceforge.net/wiki/index.php/Release_Notes#Version_1.3.3
- http://secunia.com/advisories/29525Vendor Advisory
FAQ
What is CVE-2008-1487?
CVE-2008-1487 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php,...
How severe is CVE-2008-1487?
CVE-2008-1487 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1487?
Check the references section above for vendor advisories and patch information. Affected products include: Linpha Linpha.