CVE-2008-2680
Realm Cms < 2.3 - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) CmpctedDB and (2) Boyut parameters.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by BugReport.IR · textwebappsphp
https://www.exploit-db.com/exploits/5766
References (5)
Scores
EPSS
0.0382
EPSS Percentile
88.0%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
realm_project/realm_cms
< 2.3
Timeline
Published
Jun 12, 2008
Tracked Since
Feb 18, 2026