Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2008-4535
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-10 Oct, 2008 | 18:13
Updated At-08 Aug, 2017 | 01:32

Cross-site scripting (XSS) vulnerability in EC-CUBE Ver2 2.1.2a and earlier, EC-CUBE Ver2 Beta(RC) 2.2.0-beta and earlier, and EC-CUBE Community Edition Nighly-Build r17623 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4536 and CVE-2008-4537.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
ec-cube
ec-cube
>>ec-cube>>Versions up to 2.1.2a(inclusive)
cpe:2.3:a:ec-cube:ec-cube:*:*:*:*:*:*:*:*
ec-cube
ec-cube
>>ec-cube>>Versions up to 2.3.0(inclusive)
cpe:2.3:a:ec-cube:ec-cube:*:*:*:*:*:*:*:*
ec-cube
ec-cube
>>ec-cube>>1.0
cpe:2.3:a:ec-cube:ec-cube:1.0:*:*:*:*:*:*:*
ec-cube
ec-cube
>>ec-cube>>1.4.7
cpe:2.3:a:ec-cube:ec-cube:1.4.7:*:*:*:*:*:*:*
ec-cube
ec-cube
>>ec-cube>>1.5.0
cpe:2.3:a:ec-cube:ec-cube:1.5.0:b2:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://jvn.jp/en/jp/JVN99916563/index.htmlcve@mitre.org
N/A
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000064.htmlcve@mitre.org
N/A
http://secunia.com/advisories/32065cve@mitre.org
N/A
http://www.ec-cube.net/release/detail.php?release_id=193cve@mitre.org
Patch
Vendor Advisory
http://www.securityfocus.com/bid/31509cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/45591cve@mitre.org
N/A
Change History
0Changes found
Details not found