Lucene search

[email protected]CVE-2005-1075

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1075

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

xss

radscripts

radbids

vulnerability

remote attack

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via (1) the farea parameter to faq.php or the (2) cat, (3) order, or (4) area parameters to index.php.

Affected configurations

NVD

Node

radscriptsradbidsMatch2gold

CPENameOperatorVersion
radscripts:radbidsradscripts radbidseq2

CPE	Name	Operator	Version
radscripts:radbids	radscripts radbids	eq	2

References

secunia.com/advisories/14906

www.digitalparadox.org/advisories/rga.txt

www.osvdb.org/15430

www.osvdb.org/15431

www.securityfocus.com/archive/1/395527

www.securityfocus.com/bid/13080

exchange.xforce.ibmcloud.com/vulnerabilities/20038

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for CVE-2005-1075

cvelist1 nvd1