CVE-2016-15029

Published: Mar 21, 2023

Modified: Aug 6, 2024

PUBLISHED

CVSS v3.1

3.5

LOW

Description

A vulnerability has been found in Ydalb mapicoin up to 1.9.0 and classified as problematic. This vulnerability affects unknown code of the file webroot/stats.php. The manipulation of the argument link/search leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.10.0 is able to address this issue. The patch is identified as 67e87f0f0c1ac238fcd050f4c3db298229bc9679. It is recommended to upgrade the affected component. VDB-223402 is the identifier assigned to this vulnerability.

Vendor	Product	Versions
Ydalb	mapicoin	affected `1.0` affected `1.1` affected `1.2` affected `1.3` affected `1.4` +5 more versions

Weaknesses (CWE)

CWE-79

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

References

https://vuldb.com/?id.223402

vdb-entry

technical-description

https://vuldb.com/?ctiid.223402

signature

permissions-required

https://github.com/Ydalb/mapicoin/commit/67e87f0f0c1ac238fcd050f4c3db298229bc9679

patch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-15029

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References