Unrated severityNVD Advisory· Published Jun 18, 2008· Updated Apr 23, 2026

CVE-2008-2758

Description

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) pblname and (2) text parameters to (a) admin/search.asp, (3) name parameter to (b) admin/publishers.asp, and other unspecified vectors to (c) anmviewer.asp and (d) editarticleX.asp in admin/. NOTE: some of these details are obtained from third party information.

Affected products

Xigla/Absolute News Manager Xe
cpe:2.3:a:xigla:absolute_news_manager_xe:3.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugreport.ir/index.phpnvdExploit
marc.infonvdExploit
secunia.com/advisories/30643nvdVendor Advisory
securityreason.com/securityalert/3950nvd
www.securityfocus.com/bid/29672nvd
exchange.xforce.ibmcloud.com/vulnerabilities/43042nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000