ID CVE-2003-1506
Type cve
Reporter NVD
Modified 2017-07-28T21:29:14
Description
Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.
{"id": "CVE-2003-1506", "bulletinFamily": "NVD", "title": "CVE-2003-1506", "description": "Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.", "published": "2003-12-31T00:00:00", "modified": "2017-07-28T21:29:14", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1506", "reporter": "NVD", "references": ["http://www.securityfocus.com/archive/1/342577", "https://exchange.xforce.ibmcloud.com/vulnerabilities/13507", "http://www.securityfocus.com/bid/8876", "http://www.securityfocus.com/archive/1/342551", "http://www.securityfocus.com/archive/1/342160", "http://securityreason.com/securityalert/3299"], "cvelist": ["CVE-2003-1506"], "type": "cve", "lastseen": "2017-07-29T11:20:59", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:daniel_barron:dansguardian:3.2", "cpe:/a:daniel_barron:dansguardian:3.1_r5", "cpe:/a:daniel_barron:dansguardian:3.1_r6", "cpe:/a:daniel_barron:dansguardian:3.0"], "cvelist": ["CVE-2003-1506"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.", "edition": 1, "enchantments": {}, "hash": "155d25187111ac34b0e8f06afc29c477c359f94edf9a3b434bee23b43175a3d2", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "53085a1ffae5155b47d222f80bdb7d57", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "2a64806c874e65c8cb8b1e26952d3c97", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "2597c502ee6e3361577ef5e8159ca649", "key": "modified"}, {"hash": "c6a7c33c610f04b9e5778ea8da009df0", "key": "href"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "417fc1bb20b1f93c14fbe28854ae0f02", "key": "title"}, {"hash": "8d7e26a161898de2db5efee7c97e5029", "key": "description"}, {"hash": "c7d699b9038de74cbb0e0aed94118a43", "key": "references"}, {"hash": "0be64788bbc43a0f889dacf4d60da270", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1506", "id": "CVE-2003-1506", "lastseen": "2016-09-03T04:15:04", "modified": "2008-09-05T16:37:06", "objectVersion": "1.2", "published": "2003-12-31T00:00:00", "references": ["http://www.securityfocus.com/archive/1/342577", "http://www.securityfocus.com/bid/8876", "http://www.securityfocus.com/archive/1/342551", "http://www.securityfocus.com/archive/1/342160", "http://xforce.iss.net/xforce/xfdb/13507", "http://securityreason.com/securityalert/3299"], "reporter": "NVD", "scanner": [], "title": "CVE-2003-1506", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T04:15:04"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "53085a1ffae5155b47d222f80bdb7d57"}, {"key": "cvelist", "hash": "2a64806c874e65c8cb8b1e26952d3c97"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "8d7e26a161898de2db5efee7c97e5029"}, {"key": "href", "hash": "c6a7c33c610f04b9e5778ea8da009df0"}, {"key": "modified", "hash": "8943df0e32455a1a76c9da8058b9ee59"}, {"key": "published", "hash": "0be64788bbc43a0f889dacf4d60da270"}, {"key": "references", "hash": "e73d8a0df3c5a3db7f2e453443dd40ac"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "417fc1bb20b1f93c14fbe28854ae0f02"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "7182070ecc026cebd6626d43f216703e6a0455fa872849eca2bcf5528d532e9e", "viewCount": 1, "enchantments": {"score": {"value": 4.3, "vector": "NONE", "modified": "2017-07-29T11:20:59"}, "dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:23275"]}], "modified": "2017-07-29T11:20:59"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:daniel_barron:dansguardian:3.2", "cpe:/a:daniel_barron:dansguardian:3.1_r5", "cpe:/a:daniel_barron:dansguardian:3.1_r6", "cpe:/a:daniel_barron:dansguardian:3.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"exploitdb": [{"lastseen": "2016-02-02T20:39:33", "bulletinFamily": "exploit", "description": "DansGuardian 2.2.x Denied URL Cross-Site Scripting Vulnerability. CVE-2003-1506. Webapps exploit for cgi platform", "modified": "2003-10-22T00:00:00", "published": "2003-10-22T00:00:00", "id": "EDB-ID:23275", "href": "https://www.exploit-db.com/exploits/23275/", "type": "exploitdb", "title": "DansGuardian 2.2.x Denied URL Cross-Site Scripting Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/8876/info\r\n\r\nA problem has been reported in the handling of some types of input to DansGuardian. This problem may permit an attacker to launch cross-site scripting attacks.\r\n\r\nhttp://www.example.com/cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Test');window.open+(\"http://www.example.com\")</script> ", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/23275/"}]}