Vulnerabilities > CVE-2002-2178 - Cross-Site Scripting vulnerability in PHPwebsite 0.8.3

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
phpwebsite
exploit available

Summary

Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag. This vulnerability affects phpWebsite version 0.8.3, and may affect all other versions of phpWebsite.

Vulnerable Configurations

Part Description Count
Application
Phpwebsite
1

Exploit-Db

  • descriptionPHPWebSite 0.8.3 Article.PHP Cross-Site Scripting Vulnerability. CVE-2002-2178. Webapps exploit for php platform
    idEDB-ID:21899
    last seen2016-02-02
    modified2002-10-02
    published2002-10-02
    reporterSp.IC
    sourcehttps://www.exploit-db.com/download/21899/
    titlePHPWebSite 0.8.3 Article.PHP Cross-Site Scripting Vulnerability
  • descriptionPHPWebSite 0.8.3 News Message HTML Injection Vulnerability. CVE-2002-2178. Webapps exploit for php platform
    idEDB-ID:21864
    last seen2016-02-02
    modified2002-09-25
    published2002-09-25
    reporter[email protected]
    sourcehttps://www.exploit-db.com/download/21864/
    titlePHPWebSite 0.8.3 News Message HTML Injection Vulnerability