Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2011-3390 (GCVE-0-2011-3390)

Vulnerability from nvd – Published: 2011-09-06 15:00 – Updated: 2024-08-06 23:29

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

5 references

URL	Tags
http://www.securityfocus.com/archive/1/519468/100…	mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/49364	vdb-entryx_refsource_BID
http://voidroot.blogspot.com/2011/08/xss-in-ibm-o…	x_refsource_MISC
http://securityreason.com/securityalert/8370	third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public

2011-08-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:29:56.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20110830 XSS in IBM Open Admin Tool",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
          },
          {
            "name": "49364",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/49364"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
          },
          {
            "name": "8370",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8370"
          },
          {
            "name": "openadmintool-index-xss(69488)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20110830 XSS in IBM Open Admin Tool",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
        },
        {
          "name": "49364",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/49364"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
        },
        {
          "name": "8370",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8370"
        },
        {
          "name": "openadmintool-index-xss(69488)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3390",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20110830 XSS in IBM Open Admin Tool",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
            },
            {
              "name": "49364",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/49364"
            },
            {
              "name": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html",
              "refsource": "MISC",
              "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
            },
            {
              "name": "8370",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8370"
            },
            {
              "name": "openadmintool-index-xss(69488)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-3390",
    "datePublished": "2011-09-06T15:00:00.000Z",
    "dateReserved": "2011-09-06T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:29:56.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2011-3390

Vulnerability from fkie_nvd - Published: 2011-09-06 15:55 - Updated: 2026-04-29 01:13

Severity

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action.

References

URL	Tags
cve@mitre.org	http://securityreason.com/securityalert/8370
cve@mitre.org	http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html	Exploit
cve@mitre.org	http://www.securityfocus.com/archive/1/519468/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/49364	Exploit
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/69488
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8370
af854a3a-2127-422b-91ae-364da2661108	http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/519468/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/49364	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/69488

Impacted products

Vendor	Product	Version
ibm	openadmin_tool	*
ibm	openadmin_tool	2.20
ibm	openadmin_tool	2.21
ibm	openadmin_tool	2.22
ibm	openadmin_tool	2.23
ibm	openadmin_tool	2.24
ibm	openadmin_tool	2.25
ibm	openadmin_tool	2.26
ibm	openadmin_tool	2.27
ibm	openadmin_tool	2.28
ibm	informix	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3373180A-0DA0-44C4-B553-B2464EBD1F8F",
              "versionEndIncluding": "2.70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "034BDCEF-EDA8-4186-B1E7-E4B83646CB87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "44184E60-9540-4B69-B535-273825AE944A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF4328F0-346E-4F5C-8DD7-75880A49D3A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "7609293F-EAA3-4013-8B3A-12F29D307295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C360E28-B936-48D1-97AF-BEF863B2DDDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "773B0288-0281-4E06-A3B3-82679544C918",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "38696CEE-BB3E-443A-A8F6-1C2684F340B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C857360-93C8-44D9-8950-DFB140397FC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:openadmin_tool:2.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3392BD3-CBEF-4585-BFA9-02BEAFC3FC3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:informix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E698BC5-08AA-4437-8483-ECE0DECC9967",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en index.php en IBM OpenAdmin Tool (OAT) para Informix antes de v2.72 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros (1) informixserver, (2) host, o (3) port en una acci\u00f3n de autenticaci\u00f3n."
    }
  ],
  "id": "CVE-2011-3390",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-09-06T15:55:08.493",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/8370"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/49364"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8370"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/49364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-3390 (GCVE-0-2011-3390)

Vulnerability from cvelistv5 – Published: 2011-09-06 15:00 – Updated: 2024-08-06 23:29

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

5 references

URL	Tags
http://www.securityfocus.com/archive/1/519468/100…	mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/49364	vdb-entryx_refsource_BID
http://voidroot.blogspot.com/2011/08/xss-in-ibm-o…	x_refsource_MISC
http://securityreason.com/securityalert/8370	third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public

2011-08-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:29:56.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20110830 XSS in IBM Open Admin Tool",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
          },
          {
            "name": "49364",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/49364"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
          },
          {
            "name": "8370",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8370"
          },
          {
            "name": "openadmintool-index-xss(69488)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20110830 XSS in IBM Open Admin Tool",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
        },
        {
          "name": "49364",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/49364"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
        },
        {
          "name": "8370",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8370"
        },
        {
          "name": "openadmintool-index-xss(69488)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3390",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20110830 XSS in IBM Open Admin Tool",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/519468/100/0/threaded"
            },
            {
              "name": "49364",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/49364"
            },
            {
              "name": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html",
              "refsource": "MISC",
              "url": "http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html"
            },
            {
              "name": "8370",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8370"
            },
            {
              "name": "openadmintool-index-xss(69488)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69488"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-3390",
    "datePublished": "2011-09-06T15:00:00.000Z",
    "dateReserved": "2011-09-06T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:29:56.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

3 vulnerabilities found for openadmin_tool by ibm

CVE-2011-3390 (GCVE-0-2011-3390)

FKIE_CVE-2011-3390

CVE-2011-3390 (GCVE-0-2011-3390)