CVE-2010-1072

Sniggabo CMS 2.21 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS 2.21 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

References (5)

[Exploit] http://greyhathackers.wordpress.com/2010/01/07/sniggabo-cms-v2-21-xss-vulnerability/

[Exploit] http://packetstormsecurity.org/1001-exploits/sniggabocms-xss.txt

[Vendor Advisory] http://secunia.com/advisories/38029

[Exploit] http://www.exploit-db.com/exploits/11049

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/55472

Scores

EPSS 0.0045

EPSS Percentile 63.2%

Classification

CWE

CWE-79

Status published

Affected Products (2)

sniggabo/sniggabo_cms

n/a/n/a

Timeline

Published Mar 23, 2010

Tracked Since Feb 18, 2026