CVE-2008-2761

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the text parameter in (1) searchbanners.asp and (2) listadvertisers.asp, and other unspecified fields.  NOTE: some of these details are obtained from third party information.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
xiglaabsolute_banner_manager
2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://bugreport.ir/index.php?/41
http://marc.info/?l=bugtraq&m=121322052622903&w=2
http://secunia.com/advisories/30641
http://securityreason.com/securityalert/3950
http://www.securityfocus.com/bid/29672
https://exchange.xforce.ibmcloud.com/vulnerabilities/43045
http://bugreport.ir/index.php?/41
http://marc.info/?l=bugtraq&m=121322052622903&w=2
http://secunia.com/advisories/30641
http://securityreason.com/securityalert/3950
http://www.securityfocus.com/bid/29672
https://exchange.xforce.ibmcloud.com/vulnerabilities/43045