CVE-2005-1075

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via (1) the farea parameter to faq.php or the (2) cat, (3) order, or (4) area parameters to index.php.

Ссылки

http://secunia.com/advisories/14906
Vendor Advisory
http://www.digitalparadox.org/advisories/rga.txt
http://www.osvdb.org/15430
http://www.osvdb.org/15431
Exploit
http://www.securityfocus.com/archive/1/395527
Vendor Advisory
http://www.securityfocus.com/bid/13080
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20038
http://secunia.com/advisories/14906
Vendor Advisory
http://www.digitalparadox.org/advisories/rga.txt
http://www.osvdb.org/15430
http://www.osvdb.org/15431
Exploit
http://www.securityfocus.com/archive/1/395527
Vendor Advisory
http://www.securityfocus.com/bid/13080
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/20038

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:radscripts:radbids:2:*:gold:*:*:*:*:*

EPSS

Процентиль: 76%

0.00946

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jxqh-fx46-p9v3

github

почти 4 года назад