VAR-200607-0486
Vulnerability from variot - Updated: 2024-02-14 22:47Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. FlexWATCH 3.0 and prior versions are affected.
Hardcore Disassembler / Reverse Engineer
Reversing must be a passion as your skills will be challenged on a daily basis and you will be working several hours everyday in IDA, Ollydbg, and with BinDiff. Often, it is also required that you write a PoC or even a working exploit to prove that an issue is exploitable.
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: FlexWATCH Network Camera FW-3400 Two Vulnerabilities
SECUNIA ADVISORY ID: SA20994
VERIFY ADVISORY: http://secunia.com/advisories/20994/
CRITICAL: Less critical
IMPACT: Security Bypass, Cross Site Scripting
WHERE:
From remote
OPERATING SYSTEM: FlexWATCH Network Camera FW-3400 http://secunia.com/product/10980/
DESCRIPTION: Jaime Blasco has reported two vulnerabilities in FlexWATCH Network Camera FW-3400, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
Example: http://[host]/[code]
2) An input validation error in the HTTP request handling can be exploited to access the administration section without being authenticated via the "..%2f" directory traversal sequence.
SOLUTION: Filter malicious characters and character sequences in a proxy server or firewall with URL filtering capabilities.
PROVIDED AND/OR DISCOVERED BY: Jaime Blasco
ORIGINAL ADVISORY: Digital Armaments: http://www.digitalarmaments.com/2006300687985463.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0486",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flexwatch network camera",
"scope": "eq",
"trust": 1.6,
"vendor": "seyeon",
"version": "3.0"
},
{
"model": "flexwatch network camera",
"scope": "lte",
"trust": 0.8,
"vendor": "seyeon",
"version": "3.0"
},
{
"model": "flexbackup",
"scope": "eq",
"trust": 0.3,
"vendor": "flexbackup",
"version": "1.2.1"
}
],
"sources": [
{
"db": "BID",
"id": "18936"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:seyeon:flexwatch_network_camera:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaime Blasco is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "18936"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
}
],
"trust": 0.9
},
"cve": "CVE-2006-3603",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-3603",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-19711",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-3603",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-277",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-19711",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2006-3603",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19711"
},
{
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL. This issue is due to a failure in the application to properly sanitize user-supplied input. \nAn attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nFlexWATCH 3.0 and prior versions are affected. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer\n\nReversing must be a passion as your skills will be challenged\non a daily basis and you will be working several hours\neveryday in IDA, Ollydbg, and with BinDiff. Often, it is also\nrequired that you write a PoC or even a working exploit to\nprove that an issue is exploitable. \n\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nFlexWATCH Network Camera FW-3400 Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA20994\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/20994/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nFlexWATCH Network Camera FW-3400\nhttp://secunia.com/product/10980/\n\nDESCRIPTION:\nJaime Blasco has reported two vulnerabilities in FlexWATCH Network\nCamera FW-3400, which can be exploited by malicious people to conduct\ncross-site scripting attacks and bypass certain security\nrestrictions. \n\nExample:\nhttp://[host]/[code]\n\n2) An input validation error in the HTTP request handling can be\nexploited to access the administration section without being\nauthenticated via the \"..%2f\" directory traversal sequence. \n\nSOLUTION:\nFilter malicious characters and character sequences in a proxy server\nor firewall with URL filtering capabilities. \n\nPROVIDED AND/OR DISCOVERED BY:\nJaime Blasco\n\nORIGINAL ADVISORY:\nDigital Armaments:\nhttp://www.digitalarmaments.com/2006300687985463.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3603"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"db": "BID",
"id": "18936"
},
{
"db": "VULHUB",
"id": "VHN-19711"
},
{
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"db": "PACKETSTORM",
"id": "48144"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-19711",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=28205",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19711"
},
{
"db": "VULMON",
"id": "CVE-2006-3603"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-3603",
"trust": 2.6
},
{
"db": "BID",
"id": "18936",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "20994",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20061103 RE: DIGITAL ARMAMENTS SECURITY ADVISORY 10.07.2006: FLEXWATH AUTHORIZATION BYPASSING AND XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060721 RE: DIGITAL ARMAMENTS SECURITY ADVISORY 10.07.2006: FLEXWATH AUTHORIZATION BYPASSING AND XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060710 DIGITAL ARMAMENTS SECURITY ADVISORY 10.07.2006: FLEXWATH AUTHORIZATION BYPASSING AND XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "27655",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "28205",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-81782",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-19711",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2006-3603",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48144",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19711"
},
{
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"db": "BID",
"id": "18936"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"db": "PACKETSTORM",
"id": "48144"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"id": "VAR-200607-0486",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19711"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-14T22:47:51.404000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.digitalarmaments.com/2006300687985463.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/18936"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/20994"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/439648/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/440893/100/100/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/450478/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27655"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3603"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3603"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/27655"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/439648/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/450478/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/440893/100/100/threaded"
},
{
"trust": 0.3,
"url": "/archive/1/439648"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/28205/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10980/"
},
{
"trust": 0.1,
"url": "http://[host]/[code]"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20994/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19711"
},
{
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"db": "BID",
"id": "18936"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"db": "PACKETSTORM",
"id": "48144"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19711"
},
{
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"db": "BID",
"id": "18936"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"db": "PACKETSTORM",
"id": "48144"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-18T00:00:00",
"db": "VULHUB",
"id": "VHN-19711"
},
{
"date": "2006-07-18T00:00:00",
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"date": "2006-07-11T00:00:00",
"db": "BID",
"id": "18936"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"date": "2006-07-12T07:20:23",
"db": "PACKETSTORM",
"id": "48144"
},
{
"date": "2006-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"date": "2006-07-18T15:37:00",
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-19711"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULMON",
"id": "CVE-2006-3603"
},
{
"date": "2006-11-06T17:02:00",
"db": "BID",
"id": "18936"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002761"
},
{
"date": "2006-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-277"
},
{
"date": "2024-02-14T01:17:43.863000",
"db": "NVD",
"id": "CVE-2006-3603"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FlexWATCH Network Camera of index.php Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002761"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "48144"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-277"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…