Unrated severityNVD Advisory· Published Dec 16, 2008· Updated Apr 23, 2026

CVE-2008-5591

Description

Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter and possibly other "login fields." NOTE: some of these details are obtained from third party information.

Affected products

Iwrite/Nightfall Personal Diary
cpe:2.3:a:iwrite:nightfall_personal_diary:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/33011nvdVendor Advisory
securityreason.com/securityalert/4742nvd
www.securityfocus.com/bid/32658nvd
exchange.xforce.ibmcloud.com/vulnerabilities/47110nvd
www.exploit-db.com/exploits/7351nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000