Описание
Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php.
Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4012
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23379
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23385
- http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00325.html
- http://freewebstat.com/changelog-english.html
- http://secunia.com/advisories/17789
- http://www.osvdb.org/21208
- http://www.osvdb.org/21212
- http://www.securityfocus.com/bid/15603
- http://www.ush.it/2005/11/19/php-web-statistik
- http://www.vupen.com/english/advisories/2005/2645
EPSS
Процентиль: 79%
0.01253
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php.
EPSS
Процентиль: 79%
0.01253
Низкий