Cross-Site Scripting Vulnerability in eNdonesia CMS by eNdonesia

CVE-2004-2670

What is CVE-2004-2670?

Multiple vulnerabilities exist in the eNdonesia CMS version 8.3, specifically in the mod.php file. These vulnerabilities facilitate cross-site scripting (XSS) attacks, enabling remote attackers to inject malicious web scripts or HTML code. Exploitation can occur through two main parameters: the 'mod' parameter during a viewcat operation and the 'query' parameter during a search operation within the publisher module. This vulnerability poses a significant risk to users, allowing unauthorized script execution within the context of user sessions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References