Cross-Site Scripting in FlashCard by Unknown Vendor
CVE-2010-1872

Currently unrated

Key Information:

Vendor: Tufat
Status: Flashcard
Vendor: CVE Published:; 12 May 2010

What is CVE-2010-1872?

A Cross-Site Scripting (XSS) vulnerability exists in the cPlayer.php file of FlashCard versions 2.6.5 and 3.0.1, allowing remote attackers to execute arbitrary web scripts or HTML by injecting malicious content through the 'id' parameter. This security flaw highlights the importance of input validation and thorough sanitization in web applications to prevent unauthorized access and exploitation. For additional information, refer to advisory documents provided by third-party sources.

References

http://www.securityfocus.com/bid/39648

vdb-entryx_refsource_BID

http://www.xenuser.org/documents/security/flashcard_xss.txt

x_refsource_MISC

http://packetstormsecurity.org/1004-exploits/flashcard-xs...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 12, 2010

Tufat

What is CVE-2010-1872?

References

Timeline