{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T02:48:58.246","vulnerabilities":[{"cve":{"id":"CVE-2010-3070","sourceIdentifier":"secalert@redhat.com","published":"2010-09-28T18:00:03.010","lastModified":"2026-06-16T23:22:04.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en NuSOAP v0.9.5, como el usado en MantisBT y otros productos, permite a atacantes remotos inyectar código web o HTML de su elección a través de PATH_INFO en un código PHP de su elección que usa las clases NuSOAP. \r\n\r\n\r\n\r\n"}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dietrich_ayala:nusoap:0.9.5:*:*:*:*:*:*:*","matchCriteriaId":"8B62B5C8-3469-42E6-B576-DF98BA664233"}]}]}],"references":[{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595248","source":"secalert@redhat.com"},{"url":"http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blob%3Bf=debian/patches/595248.patch%3Bh=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=268f03b88c6900d1a87b17734c248c705c22cb07","source":"secalert@redhat.com"},{"url":"http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blobdiff%3Bf=debian/patches/595248.patch%3Bh=11202fa70433b62aeab7dfc68af668329bc0fe7e%3Bhp=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=3ac7a26a49086c6b91fb79e5acafcfcdc5d6980a%3Bhpb=268f03b88c6900d1a87b17734c248c705c22cb07","source":"secalert@redhat.com"},{"url":"http://git.mantisbt.org/?p=mantisbt.git%3Ba=commit%3Bh=edb817991b99cd5538f102be26865fde7c6b7212","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048317.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048325.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/41653","source":"secalert@redhat.com"},{"url":"http://sourceforge.net/mailarchive/message.php?msg_name=4C8FC573.3060900%40leetcode.net","source":"secalert@redhat.com"},{"url":"http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005","source":"secalert@redhat.com"},{"url":"http://www.mantisbt.org/bugs/changelog_page.php?version_id=111","source":"secalert@redhat.com"},{"url":"http://www.mantisbt.org/bugs/view.php?id=12312","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/03/2","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/07/4","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/14/12","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/14/13","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/42959","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2010/2535","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=629585","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=633011","source":"secalert@redhat.com"},{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595248","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blob%3Bf=debian/patches/595248.patch%3Bh=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=268f03b88c6900d1a87b17734c248c705c22cb07","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://git.debian.org/?p=users/olberger-guest/nusoap.git%3Ba=blobdiff%3Bf=debian/patches/595248.patch%3Bh=11202fa70433b62aeab7dfc68af668329bc0fe7e%3Bhp=6af3d725fe74d839764d9755c5bb18458a192518%3Bhb=3ac7a26a49086c6b91fb79e5acafcfcdc5d6980a%3Bhpb=268f03b88c6900d1a87b17734c248c705c22cb07","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://git.mantisbt.org/?p=mantisbt.git%3Ba=commit%3Bh=edb817991b99cd5538f102be26865fde7c6b7212","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048317.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048325.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/41653","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://sourceforge.net/mailarchive/message.php?msg_name=4C8FC573.3060900%40leetcode.net","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mantisbt.org/bugs/changelog_page.php?version_id=111","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mantisbt.org/bugs/view.php?id=12312","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/03/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/07/4","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/14/12","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2010/09/14/13","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/42959","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/2535","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=629585","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=633011","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}