CVE-2005-3814

Опубликовано: 26 нояб. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php.

Ссылки

http://nightmaresecurity.net/index.php?showtopic=1015
URL Repurposed
http://secunia.com/advisories/17736
Vendor Advisory
http://securitytracker.com/id?1015259
http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5359
Exploit
Vendor Advisory
http://www.osvdb.org/21090
http://www.osvdb.org/21091
http://www.osvdb.org/21092
http://www.securityfocus.com/bid/15567
http://www.vupen.com/english/advisories/2005/2581
http://nightmaresecurity.net/index.php?showtopic=1015
URL Repurposed
http://secunia.com/advisories/17736
Vendor Advisory
http://securitytracker.com/id?1015259
http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5359
Exploit
Vendor Advisory
http://www.osvdb.org/21090
http://www.osvdb.org/21091
http://www.osvdb.org/21092
http://www.securityfocus.com/bid/15567
http://www.vupen.com/english/advisories/2005/2581

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:orbitscripts:smartppc_pro:*:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00926

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4hwf-32rg-xw56

github

почти 4 года назад