CVE-2003-1190

Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/10109	Patch
http://sourceforge.net/project/shownotes.php?release_id=193940
http://www.osvdb.org/2755	Vendor Advisory
http://www.securityfocus.com/bid/8963	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/13574

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:phprecipebook:phprecipebook:1.24:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.25:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.26:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.26a:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.27:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.27a:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.30:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.30a:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:1.31:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.04:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.05:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.06:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.10:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.11:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.12:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.13:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.14:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.15:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.16:::::::*
	cpe:2.3:a:phprecipebook:phprecipebook:2.17:::::::*

History

No history.

Information

Published : 2003-11-03 05:00

Updated : 2024-02-04 16:31

NVD link : CVE-2003-1190

Mitre link : CVE-2003-1190

CVE.ORG link : CVE-2003-1190

JSON object : View

Products Affected

phprecipebook

phprecipebook

CWE

NVD-CWE-Other

{"id": "CVE-2003-1190", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-11-03T05:00:00.000", "references": [{"url": "http://secunia.com/advisories/10109", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=193940", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/2755", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/8963", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13574", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe."}], "lastModified": "2017-07-11T01:29:49.010", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69F16191-7679-4CE9-A9E6-058D7E0BC626"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DACE7F5-68AA-47D7-B49A-15C02A426F30"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73ED292E-060C-436E-8252-5EDC0F39C6B8"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.26a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1660ED2-12CD-43F5-B044-406EECE664E7"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1606A889-44C8-49A1-8F90-A623EACA07BD"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.27a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFF7214-DF49-4DDC-8472-EB9666A6B9DD"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3DC918B-B38E-4589-926F-9C1614487BA5"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.30a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45F6704E-788B-4DD4-BEE7-9BD4267AF6A6"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:1.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "733CBCA3-EEE8-4877-B638-7A3578A11778"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BAE8B19-7A69-4CB7-A169-DE4DEBC284DB"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1069F1D7-5663-4E80-BCC7-9DFF2D89375D"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0651F0AD-4F56-469A-BF4C-2C1DEE78B2E4"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFAD3F77-56D0-4689-B3C9-0B61BC8B7601"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "415D330A-E8D1-4366-A983-119CFFF8EED5"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DD56DB0-1F58-42AF-B53F-0AA515874F32"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6810EC00-DC50-40EF-99A8-0415F6375756"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40B940E0-7106-44BB-B532-4E5492203C0A"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "051422ED-BFF0-40C3-82EF-E30958E39FF2"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1729E25D-81E6-4D88-AC9D-874F3C3B98E3"}, {"criteria": "cpe:2.3:a:phprecipebook:phprecipebook:2.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51397E4F-FF99-4D91-B4D9-1ADD7E7EAE60"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "This was fixed in PHPRecipeBook 2.18."}