Lucene search

[email protected]CVE-2005-2063

HistoryJun 29, 2005 - 4:00 a.m.

CVE-2005-2063

2005-06-2904:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2063

xss

remote attackers

web script

html

activebuyandsell 6.2

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp.

CPENameOperatorVersion
active_web_softwares:activebuyandsellactive web softwares activebuyandselleq6.2

CPE	Name	Operator	Version
active_web_softwares:activebuyandsell	active web softwares activebuyandsell	eq	6.2

References

echo.or.id/adv/adv21-theday-2005.txt

marc.info/?l=bugtraq&m=111963341429906&w=2

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.9%

JSON