Описание
Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php.
Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2484
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18412
- http://cvs.sourceforge.net/viewcvs.py/phpgiftreg/src/event.php?r1=1.4&r2=1.5
- http://cvs.sourceforge.net/viewcvs.py/phpgiftreg/src/index.php?r1=1.20&r2=1.21
- http://secunia.com/advisories/13414
- http://sourceforge.net/project/shownotes.php?release_id=288731
- http://www.osvdb.org/12286
- http://www.osvdb.org/12287
- http://www.securityfocus.com/bid/11879
EPSS
Процентиль: 68%
0.00558
Низкий
CVE ID
Связанные уязвимости
nvd
около 21 года назад
Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php.
EPSS
Процентиль: 68%
0.00558
Низкий