MySQL Eventum Multiple Flaws Network Vulnerability

Summary

The remote host seems to be running MySQL Eventum, a user-friendly and flexible issue tracking system written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks, through multiple scripts. With a specially crafted URL, an attacker can use the remote server to perform an attack against third party users of the remote service, in order to steal their credentials.

Solution

No update available yet

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

aeNovo Database Content Disclosure Vulnerability
Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability
@Mail WebMail Email Body HTML Injection Vulnerability

MySQL Eventum Multiple flaws

Take action and discover your vulnerabilities