CVE-2009-1849

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-1849
Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://blog.bkis.com/?p=704
http://secunia.com/advisories/35249 Vendor Advisory
http://www.paessler.com/support/kb/questions/prtg6history Patch Vendor Advisory
http://www.securityfocus.com/bid/35128
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:paessler:prtg_traffic_grapher:*:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.0.7.139:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.0.8.154:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.1.0.256:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.1.0.257:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.1.0.265:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.1.0.266:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.2.0.356:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.2.0.357:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.2.0.363:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.2.0.364:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.2.1.385:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.2.1.386:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.0.470:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.0.471:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.498:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.505:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.510:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.522:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.534:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.562:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:4.3.1.566:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.0.1.300:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.0.1.310:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.0.1.356:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.0.3.379:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.0.3.398:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.1.0.452:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.1.1.474:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.548:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.549:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.559:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.560:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.565:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.566:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.574:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.575:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.581:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.2.0.582:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.687:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.738:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.739:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.758:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.759:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.812:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.813:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.833:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.834:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.862:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:5.3.0.863:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.2.255:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.2.256:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.3.258:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.3.259:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.3.261:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.3.262:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.3.284:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.3.285:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.4.332:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.4.333:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.4.335:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.4.336:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.4.393:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.4.394:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.5.417:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.5.441:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.5.442:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.5.450:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.5.451:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.585:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.586:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.601:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.602:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.625:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.626:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.675:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.0.6.676:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.683_beta:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.750:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.751:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.753:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.754:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.756:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.0.757:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.1.854:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.1.1.855:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.0.907:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.0.908:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.1.950:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.1.951:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.1.957:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.1.958:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.1.963:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher:6.2.1.964:*:*:*:*:*:*:*
cpe:2.3:a:paessler:prtg_traffic_grapher6.0.5.416:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2009-06-01 19:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-1849

Mitre link : CVE-2009-1849

CVE.ORG link : CVE-2009-1849

JSON object : View

Products Affected

paessler

  • prtg_traffic_grapher
  • prtg_traffic_grapher6.0.5.416
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')