CVE-2008-6470

high

Description

Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript insert" and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45269

http://www.securityfocus.com/bid/31293

http://www.clansphere.net/index/news/view/id/306

http://www.clansphere.net/index/news/view/id/289

http://sourceforge.net/project/shownotes.php?release_id=627530

http://secunia.com/advisories/31965

http://osvdb.org/48451

Details

Source: Mitre, NVD

Published: 2009-03-13

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.0056