Vulnerability Description
Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript insert" and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clansphere | Clansphere | <= 2008 |
References
- http://osvdb.org/48451
- http://secunia.com/advisories/31965Vendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=627530Patch
- http://www.clansphere.net/index/news/view/id/289Vendor Advisory
- http://www.clansphere.net/index/news/view/id/306Vendor Advisory
- http://www.securityfocus.com/bid/31293
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45269
- http://osvdb.org/48451
- http://secunia.com/advisories/31965Vendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=627530Patch
- http://www.clansphere.net/index/news/view/id/289Vendor Advisory
- http://www.clansphere.net/index/news/view/id/306Vendor Advisory
- http://www.securityfocus.com/bid/31293
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45269
FAQ
What is CVE-2008-6470?
CVE-2008-6470 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript in...
How severe is CVE-2008-6470?
CVE-2008-6470 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6470?
Check the references section above for vendor advisories and patch information. Affected products include: Clansphere Clansphere.