CVE-2009-3450

Multiple cross-site scripting (XSS) vulnerabilities in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allow remote attackers to inject arbitrary web script or HTML via parameters with names beginning with __ (underscore underscore) sequences, which are incompatible with an XSS protection mechanism provided by Microsoft ASP.NET.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
radactivei-load
𝑥
≤ 2008.r2
radactivei-load
1.6.3
radactivei-load
1.6.3.1
radactivei-load
1.6.3.2
radactivei-load
1.6.3.3
radactivei-load
1.7.0.0
radactivei-load
1.7.0.1
radactivei-load
1.7.0.2
radactivei-load
1.7.0.3
radactivei-load
1.7.0.4
radactivei-load
1.7.0.5
radactivei-load
1.7.0.6
radactivei-load
1.7.0.7
radactivei-load
1.7.0.8
radactivei-load
1.7.0.9
radactivei-load
1.7.0.10
radactivei-load
1.7.0.11
radactivei-load
1.7.0.12
radactivei-load
1.7.5.0
radactivei-load
1.7.5.1
radactivei-load
1.7.5.2
radactivei-load
1.7.6.0
radactivei-load
1.7.6.1
radactivei-load
1.7.7.0
radactivei-load
1.7.7.1
radactivei-load
1.7.7.2
radactivei-load
1.7.7.3
radactivei-load
1.7.7.4
radactivei-load
1.7.7.5
radactivei-load
1.7.7.6
radactivei-load
1.7.7.8
radactivei-load
1.7.7.9
radactivei-load
1.7.7.11
radactivei-load
2008.1.0.0
radactivei-load
2008.1.0.1
radactivei-load
2008.1.0.2
radactivei-load
2008.1.1.0
radactivei-load
2008.1.2.0
radactivei-load
2008.1.2.1
radactivei-load
2008.1.3.0
radactivei-load
2008.2.1.0
radactivei-load
2008.2.1.1
radactivei-load
2008.2.2.0
radactivei-load
2008.2.3.0
radactivei-load
2008.2.3.1
radactivei-load
2008.2.3.2
radactivei-load
2008.2.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://radnet.radactive.com/forum/Default.aspx?g=posts&t=339
http://secunia.com/advisories/23807
http://www.osvdb.org/58195
http://www.securityfocus.com/archive/1/506555/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/53348
https://www.sec-consult.com/files/20090917-0_RADactive_I-Load_Multiple_Vulnerabilities.txt
http://radnet.radactive.com/forum/Default.aspx?g=posts&t=339
http://secunia.com/advisories/23807
http://www.osvdb.org/58195
http://www.securityfocus.com/archive/1/506555/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/53348
https://www.sec-consult.com/files/20090917-0_RADactive_I-Load_Multiple_Vulnerabilities.txt