Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2010-1644

Date: August 23, 2010

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php.

Severity Score

Related Resources (13)

http://secunia.com/advisories/41041
http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1644
http://www.cacti.net/release_notes_0_8_7f.php
http://svn.cacti.net/viewvc?view=rev&revision=5901
http://www.vupen.com/english/advisories/2010/2132
http://www.securityfocus.com/archive/1/511393
https://nvd.nist.gov/vuln/detail/CVE-2010-1644
https://bugzilla.redhat.com/show_bug.cgi?id=609093
http://www.securityfocus.com/bid/40332
https://rhn.redhat.com/errata/RHSA-2010-0635.html
http://www.vupen.com/english/advisories/2010/1203
https://www.mend.io/vulnerability-database/CVE-2010-1644

Severity Score

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us