CVE-2005-1557

Опубликовано: 11 мая 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestbook PRO 3.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a message.

Ссылки

http://marc.info/?l=bugtraq&m=111585232810150&w=2
http://secunia.com/advisories/15290/
Vendor Advisory
http://securitytracker.com/id?1013940
http://www.osvdb.org/16349
Vendor Advisory
http://www.securityfocus.com/bid/13593
Vendor Advisory
http://www.soulblack.com.ar/repo/papers/guesbookpro_advisory.txt
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/20544
http://marc.info/?l=bugtraq&m=111585232810150&w=2
http://secunia.com/advisories/15290/
Vendor Advisory
http://securitytracker.com/id?1013940
http://www.osvdb.org/16349
Vendor Advisory
http://www.securityfocus.com/bid/13593
Vendor Advisory
http://www.soulblack.com.ar/repo/papers/guesbookpro_advisory.txt
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/20544

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pixysoft:guestbook_pro:3.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00675

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-cwwm-pcrm-gxc4

github

почти 4 года назад