CVE-2008-1848

Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
cpe:2.3:a:joomlacode:joomlaexplorer:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:45

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/28746 - Exploit () http://www.securityfocus.com/bid/28746 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41779 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41779 -
References () https://www.exploit-db.com/exploits/5431 - () https://www.exploit-db.com/exploits/5431 -

Information

Published : 2008-04-16 17:05

Updated : 2024-11-21 00:45


NVD link : CVE-2008-1848

Mitre link : CVE-2008-1848

CVE.ORG link : CVE-2008-1848


JSON object : View

Products Affected

joomlacode

  • joomlaexplorer

joomla

  • joomla
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')