Unrated severityNVD Advisory· Published Apr 16, 2008· Updated Apr 23, 2026

CVE-2008-1850

Description

Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters.

Affected products

Osiaffiliate/Osiaffiliate
cpe:2.3:a:osiaffiliate:osiaffiliate:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29779nvdVendor Advisory
www.mrzayas.es/2008/04/11/xss-en-osiaffiliate/nvd
www.osvdb.org/44376nvd
www.securityfocus.com/bid/28785nvd
www.securityfocus.com/bid/28793nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41811nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41825nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000