CVE-2008-2188

EUVD-2008-2185
Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php, and the (3) bookName, (4) bookMetaTags, and (5) estiloCSS parameters to (b) header.php.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
eejj33blackbook
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://securityreason.com/securityalert/3873
http://www.securityfocus.com/archive/1/491549/100/0/threaded
http://www.securityfocus.com/bid/29015
https://exchange.xforce.ibmcloud.com/vulnerabilities/42147
http://securityreason.com/securityalert/3873
http://www.securityfocus.com/archive/1/491549/100/0/threaded
http://www.securityfocus.com/bid/29015
https://exchange.xforce.ibmcloud.com/vulnerabilities/42147