CVE-2008-6700

{"id": "CVE-2008-6700", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-04-10T22:00:00.517", "references": [{"url": "http://www.securityfocus.com/bid/29700", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43066", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/5797", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable parameter to viewdb2.php, (3) tablehere parameter to category-rename.php, and (4) letter parameter to module-contacts.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Butterfly Organizer v2.0.0, permite a atacantes remotos inyectar web script o HTML de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros (1) mytable en view.php, (2) mytable en viewdb2.php, (3) tablehere en category-rename.php y (4) letter en module-contacts.php."}], "lastModified": "2017-09-29T01:33:17.497", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:butterflymedia:butterfly_organizer:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C6E6822-2B75-4570-936C-EADE1F61AE63"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}