Lucene search

[email protected]NVD:CVE-2005-0782

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0782

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON

Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the start parameter to pafiledb.php.

Affected configurations

Nvd

Node

php_arenapafiledbMatch1.1.3

php_arenapafiledbMatch2.1.1

php_arenapafiledbMatch3.0

php_arenapafiledbMatch3.0_beta_3.1

php_arenapafiledbMatch3.1

VendorProductVersionCPE
php_arenapafiledb1.1.3cpe:2.3:a:php_arena:pafiledb:1.1.3:*:*:*:*:*:*:*
php_arenapafiledb2.1.1cpe:2.3:a:php_arena:pafiledb:2.1.1:*:*:*:*:*:*:*
php_arenapafiledb3.0cpe:2.3:a:php_arena:pafiledb:3.0:*:*:*:*:*:*:*
php_arenapafiledb3.0_beta_3.1cpe:2.3:a:php_arena:pafiledb:3.0_beta_3.1:*:*:*:*:*:*:*
php_arenapafiledb3.1cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_arena	pafiledb	1.1.3	cpe:2.3:a:php_arena:pafiledb:1.1.3:::::::*
php_arena	pafiledb	2.1.1	cpe:2.3:a:php_arena:pafiledb:2.1.1:::::::*
php_arena	pafiledb	3.0	cpe:2.3:a:php_arena:pafiledb:3.0:::::::*
php_arena	pafiledb	3.0_beta_3.1	cpe:2.3:a:php_arena:pafiledb:3.0_beta_3.1:::::::*
php_arena	pafiledb	3.1	cpe:2.3:a:php_arena:pafiledb:3.1:::::::*

References

digitalparadox.org/advisories/pafdb.txt

marc.info/?l=bugtraq&m=111065796525043&w=2

marc.info/?l=bugtraq&m=111221940107161&w=2

www.securityfocus.com/bid/12788

exchange.xforce.ibmcloud.com/vulnerabilities/19690

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON

Related for NVD:CVE-2005-0782

cvelist1 cve1 exploitdb2 nessus2