Lucene search

[email protected]CVE-2005-1130

HistoryApr 16, 2005 - 4:00 a.m.

CVE-2005-1130

2005-04-1604:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1130

cross-site scripting

xss

pinnacle cart

web security

vulnerability

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.8%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter.

Affected configurations

NVD

Node

desert_dog_softwarepinnacle_cart

CPENameOperatorVersion
desert_dog_software:pinnacle_cartdesert dog software pinnacle carteq*

CPE	Name	Operator	Version
desert_dog_software:pinnacle_cart	desert dog software pinnacle cart	eq	*

References

secunia.com/advisories/14924

systemsecure.org/board/index.php?showtopic=8

www.osvdb.org/15485

www.securityfocus.com/bid/13138

exchange.xforce.ibmcloud.com/vulnerabilities/20092

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for CVE-2005-1130

nvd1 nessus1 cvelist1