CVE-2008-0092

medium

Description

Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/39391

http://www.securityfocus.com/archive/1/485704/100/0/threaded

http://securityreason.com/securityalert/3511

http://secunia.com/advisories/28303

http://phpwebsite.appstate.edu/blog/2143

Details

Source: Mitre, NVD

Published: 2008-01-04

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.04385