Lucene search

[email protected]CVE-2005-1803

HistoryJun 01, 2005 - 4:00 a.m.

CVE-2005-1803

2005-06-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1803

xss

net portal dynamic system

npds

5.0

remote attackers

web script

html

admin.php

powerpack_f.php

sdv_infos.php

faq.php

glossaire module

reviews.php

reply.php

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.

Affected configurations

NVD

Node

net_portal_dynamic_systemnet_portal_dynamic_systemMatch5.0

CPENameOperatorVersion
net_portal_dynamic_system:net_portal_dynamic_systemnet portal dynamic systemeq5.0

CPE	Name	Operator	Version
net_portal_dynamic_system:net_portal_dynamic_system	net portal dynamic system	eq	5.0

References

securitytracker.com/id?1014073

www.npds.org/download.php?op=geninfo&did=115

www.osvdb.org/16464

www.osvdb.org/16922

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

Related for CVE-2005-1803

nvd1 cvelist1