VDB-218007 · CVE-2013-10010 · GCVE-100-218007

zerochplus thread.res.pl PrintResList କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu zerochplus keessatti argameera. Kan miidhamte is hojii PrintResList faayilii test/mordor/thread.res.pl keessa. Hojii jijjiirraa gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-79 geessa. Dadhabbii kana yeroo 01/11/2023 maxxanfameera akka 9ddf9ecca8565341d8d26a3b2f64540bde4fa273. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2013-10010tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Meeshaa balaa kana fayyadamuuf hin jiru. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ଅପରିଭାଷିତ jedhamee ibsameera. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Beekamtii paachii kanaa 9ddf9ecca8565341d8d26a3b2f64540bde4fa273 dha. Sirreeffamni rakkoo github.com irratti buufachuuf jira. Paachii fe'uun rakkoo kana furuuf ni gorfama. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 71 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 01/11/2023 04:03 PM	ଅଦ୍ୟତନ 1/2 02/01/2023 04:56 PM	ଅଦ୍ୟତନ 2/2 02/01/2023 05:03 PM
software_name	zerochplus	zerochplus	zerochplus
software_file	test/mordor/thread.res.pl	test/mordor/thread.res.pl	test/mordor/thread.res.pl
software_function	PrintResList	PrintResList	PrintResList
vulnerability_cwe	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk	1	1	1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	R	R	R
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	N	N	N
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_identifier	9ddf9ecca8565341d8d26a3b2f64540bde4fa273	9ddf9ecca8565341d8d26a3b2f64540bde4fa273	9ddf9ecca8565341d8d26a3b2f64540bde4fa273
advisory_url	https://github.com/zerochplus/zerochplus/commit/9ddf9ecca8565341d8d26a3b2f64540bde4fa273	https://github.com/zerochplus/zerochplus/commit/9ddf9ecca8565341d8d26a3b2f64540bde4fa273	https://github.com/zerochplus/zerochplus/commit/9ddf9ecca8565341d8d26a3b2f64540bde4fa273
countermeasure_name	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍
patch_name	9ddf9ecca8565341d8d26a3b2f64540bde4fa273	9ddf9ecca8565341d8d26a3b2f64540bde4fa273	9ddf9ecca8565341d8d26a3b2f64540bde4fa273
countermeasure_patch_url	https://github.com/zerochplus/zerochplus/commit/9ddf9ecca8565341d8d26a3b2f64540bde4fa273	https://github.com/zerochplus/zerochplus/commit/9ddf9ecca8565341d8d26a3b2f64540bde4fa273	https://github.com/zerochplus/zerochplus/commit/9ddf9ecca8565341d8d26a3b2f64540bde4fa273
countermeasure_advisoryquote	パスワード抜きのXSS脆弱性対策	パスワード抜きのXSS脆弱性対策	パスワード抜きのXSS脆弱性対策
source_cve	CVE-2013-10010	CVE-2013-10010	CVE-2013-10010
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1673391600 (01/11/2023)	1673391600 (01/11/2023)	1673391600 (01/11/2023)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	N	N	N
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	5.0	5.0	5.0
cvss2_vuldb_tempscore	4.4	4.4	4.4
cvss3_vuldb_basescore	4.3	4.3	4.3
cvss3_vuldb_tempscore	4.1	4.1	4.1
cvss3_meta_basescore	4.3	4.3	4.9
cvss3_meta_tempscore	4.1	4.1	4.8
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1673391600 (01/11/2023)	1673391600 (01/11/2023)
cve_nvd_summary		A vulnerability classified as problematic has been found in zerochplus. This affects the function PrintResList of the file test/mordor/thread.res.pl. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 9ddf9ecca8565341d8d26a3b2f64540bde4fa273. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218007.	A vulnerability classified as problematic has been found in zerochplus. This affects the function PrintResList of the file test/mordor/thread.res.pl. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 9ddf9ecca8565341d8d26a3b2f64540bde4fa273. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218007.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			R
cvss3_nvd_s			C
cvss3_nvd_c			L
cvss3_nvd_i			L
cvss3_nvd_a			N
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			N
cvss2_nvd_ci			N
cvss2_nvd_ii			P
cvss2_nvd_ai			N
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			N
cvss3_cna_ui			R
cvss3_cna_s			U
cvss3_cna_c			N
cvss3_cna_i			L
cvss3_cna_a			N
cve_cna			VulDB
cvss2_nvd_basescore			5.0
cvss3_nvd_basescore			6.1
cvss3_cna_basescore			4.3

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you know our Splunk app?

Download it now for free!