Lucene search
HistoryMay 19, 2005 - 4:00 a.m.
CVE-2005-1672
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.2%
Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message field of a chat request, or (4) the message body when opening a trouble ticket.
Affected configurations
Node
ubertechelp_center_live
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ubertec | help_center_live | * | cpe:2.3:a:ubertec:help_center_live:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2005-1672
2005-05-19 04:00:00
cvelist
cvelist
CVE-2005-1672
2005-05-19 04:00:00
nessus
nessus
Help Center Live Multiple Vulnerabilities (SQLi, XSS, CSRF)
2005-05-18 00:00:00
exploitpack
exploitpack
HelpCenter Live! 1.2.7 - Multiple Vulnerabilities
2004-05-17 00:00:00
exploitdb
exploitdb
HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities
2004-05-17 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.2%
Related for NVD:CVE-2005-1672