CVE-2003-0736
Last modified
CVE-2003-0736 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter in the pagemaster module, (4) the PDA_limit parameter in the search, and (5) possibly other parameters in the calendar, fatcat, and pagemaster modules.. EPSS estimates a 2.59% chance of exploitation in the next 30 days.
Description
Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter in the pagemaster module, (4) the PDA_limit parameter in the search, and (5) possibly other parameters in the calendar, fatcat, and pagemaster modules.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Phpwebsite | Phpwebsite | <= 0.9.0 |
References
- http://www.kb.cert.org/vuls/id/664422US Government Resource
- http://www.kb.cert.org/vuls/id/664422US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2003-0736?
How severe is CVE-2003-0736?
How do I fix CVE-2003-0736?
Are you affected by CVE-2003-0736?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST