CVE-2010-1515

15.06.2010, 14:30

Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) article-id parameter in conjunction with a /admin/news/article/list PATH_INFO; the (3) keyword parameter in conjunction with a /admin/multimedia/set/list PATH_INFO; the (4) keyword or (5) fileId parameter in conjunction with a /admin/multimedia/file/list PATH_INFO; or the (6) name, (7) email, or (8) address parameter in conjunction with a /admin/ad/client/list PATH_INFO.

Cross-site Scripting

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	2.6 UNKNOWN	NETWORK	HIGH	AV:N/AC:H/Au:N/C:N/I:P/A:N
flexera	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 53%

Vendor	Product	Version
tomatocms	tomatocms	𝑥 ≤ 2.0.6
tomatocms	tomatocms	2.0.0
tomatocms	tomatocms	2.0.1
tomatocms	tomatocms	2.0.2
tomatocms	tomatocms	2.0.3
tomatocms	tomatocms	2.0.3.1430
tomatocms	tomatocms	2.0.3.1622
tomatocms	tomatocms	2.0.4
tomatocms	tomatocms	2.0.5

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://holisticinfosec.org/content/view/148/45/

http://secunia.com/advisories/39680

http://secunia.com/secunia_research/2010-58/

http://www.securityfocus.com/bid/40544

http://holisticinfosec.org/content/view/148/45/

http://secunia.com/advisories/39680

http://secunia.com/secunia_research/2010-58/

http://www.securityfocus.com/bid/40544