Vulnerability Description
A vulnerability was found in HealthMateWeb. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file createaccount.php. The manipulation of the argument username/password/first_name/last_name/company/phone leads to cross site scripting. The attack can be launched remotely. The patch is named 472776c25b1046ecaf962c46fed7c713c72c28e3. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217663.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Healthmateweb Project | Healthmateweb | < 2015-02-14 |
Related Weaknesses (CWE)
References
- https://github.com/StevenElberger/HealthMateWeb/commit/472776c25b1046ecaf962c46fPatchThird Party Advisory
- https://vuldb.com/?ctiid.217663Third Party AdvisoryVDB Entry
- https://vuldb.com/?id.217663Third Party AdvisoryVDB Entry
- https://github.com/StevenElberger/HealthMateWeb/commit/472776c25b1046ecaf962c46fPatchThird Party Advisory
- https://vuldb.com/?ctiid.217663Third Party AdvisoryVDB Entry
- https://vuldb.com/?id.217663Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-10032?
CVE-2015-10032 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability was found in HealthMateWeb. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file createaccount.php. The manipulation of the argum...
How severe is CVE-2015-10032?
CVE-2015-10032 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-10032?
Check the references section above for vendor advisories and patch information. Affected products include: Healthmateweb Project Healthmateweb.