Lucene search

[email protected]CVE-2005-2894

HistorySep 14, 2005 - 8:03 p.m.

CVE-2005-2894

2005-09-1420:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2894

cross-site scripting

xss

vulnerability

pblang

user registration

web script

php

nvd

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.2%

JSON

Cross-site scripting (XSS) vulnerability in the user registration in PBLang 4.65, and possibly earlier versions, allows remote attackers to inject arbitrary web script or PHP via the location field.

CPENameOperatorVersion
pblang:pblangpblangeq4.65

CPE	Name	Operator	Version
pblang:pblang	pblang	eq	4.65

References

marc.info/?l=bugtraq&m=112611338417979&w=2

www.securityfocus.com/bid/14766

exchange.xforce.ibmcloud.com/vulnerabilities/22190

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.2%

JSON

Related for CVE-2005-2894

nessus1