CVE-2008-1985

DigitalHive 2.0 RC2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in base.php in DigitalHive 2.0 RC2 allows remote attackers to inject arbitrary web script or HTML via the mt parameter, possibly related to membres.php.

Exploits (2)

exploitdb WRITEUP VERIFIED

by ViRuSMaN · textwebappslinux

https://www.exploit-db.com/exploits/10427

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by ZoRLu · textwebappsphp

https://www.exploit-db.com/exploits/31701

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit x_refsource_misc

http://www.z0rlu.ownspace.org/index.php?/archives/65-hive-v2.RC2-XSS.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/28918

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/42006

Scores

EPSS 0.0048

EPSS Percentile 65.2%

Details

CWE

CWE-79

Status published

Products (1)

digital_hive/digitalhive 2.0 rc2

Published Apr 27, 2008

Tracked Since Feb 18, 2026