Lucene search
HistoryAug 23, 2005 - 4:00 a.m.
CVE-2005-2649
cve
2005
2649
xss
vulnerability
atutor 1.5.1
remote attackers
web script
html
course parameter
login.php
words parameter
search.php
nvd
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.2%
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| adaptive_technology_resource_centre:atutor | adaptive technology resource centre atutor | eq | 1.5.1 |
Related
nessus
nessus
ATutor 1.5.1 Multiple Script XSS
2005-09-06 00:00:00
openvas
openvas
ATutor Cross Site Scripting Vulnerability
2006-03-26 00:00:00
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.2%
Related for CVE-2005-2649