Cross-Site Scripting Vulnerabilities in eSyndiCat Directory by eSyndiCat
CVE-2010-4504

Currently unrated

Key Information:

Vendor: Intelliants
Status: Esyndicat
Vendor: CVE Published:; 8 December 2010

🔔 Create Intelliants Vulnerability Alert

What is CVE-2010-4504?

Multiple cross-site scripting vulnerabilities exist in eSyndiCat Directory 2.3, allowing remote attackers to inject arbitrary web scripts or HTML. These vulnerabilities are triggered through the title parameter on the suggest-category.php and suggest-listing.php files. Exploiting these vulnerabilities could enable attackers to execute malicious scripts in the context of the users' browsers, leading to potential data theft or session hijacking.

References

http://packetstormsecurity.org/files/view/96181/esyndicat...

x_refsource_MISC

http://secunia.com/advisories/42484

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/45093

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 8, 2010