Lucene search
HistoryMay 02, 2005 - 4:00 a.m.
CVE-2005-1135
security
vulnerability
xss
cve-2005-1135
web script
html
remote attackers
search optimization
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
73.7%
Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Affected configurations
Node
alexander_palmosimple_php_blogMatch0.4.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| alexander_palmo:simple_php_blog | alexander palmo simple php blog | eq | 0.4.0 |
Related
nvd
nvd
CVE-2005-1135
2005-05-02 04:00:00
CVE-2006-6032
2006-11-21 23:07:00
nessus
nessus
sphpblog search.php q Parameter XSS
2005-04-14 00:00:00
cvelist
cvelist
CVE-2005-1135
2005-04-16 04:00:00
CVE-2006-6032
2006-11-21 23:00:00
cve
cve
CVE-2006-6032
2006-11-21 23:07:00
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
73.7%
Related for CVE-2005-1135