Lucene search
+L

Greymatter gm.cgi HTML injection flaw

🗓️ 26 Mar 2006 00:00:00Reported by Copyright (C) 2005 David MaciejakType 
openvas
 openvas
🔗 plugins.openvas.org👁 19 Views

A flaw in Greymatter gm.cgi allows execution of arbitrary HTML and script code in the user's browse

Related
Refs
Code
ReporterTitlePublishedViews
Family
cve
CVE-2005-2816
7 Sep 200504:00
cve
cvelist
CVE-2005-2816
7 Sep 200504:00
cvelist
euvd
EUVD-2005-2817
7 Oct 202500:30
euvd
nessus
Greymatter Comment Name Field Control Panel Log XSS
19 Sep 200500:00
nessus
nvd
CVE-2005-2816
7 Sep 200519:07
nvd
openvas
Greymatter gm.cgi HTML injection flaw
26 Mar 200600:00
openvas
SourceLink
securityfocuswww.securityfocus.com/bid/14703
# SPDX-FileCopyrightText: 2005 David Maciejak
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.19752");
  script_version("2023-08-01T13:29:10+0000");
  script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
  script_tag(name:"creation_date", value:"2006-03-26 17:55:15 +0200 (Sun, 26 Mar 2006)");
  script_cve_id("CVE-2005-2816");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/14703");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_name("Greymatter gm.cgi HTML injection flaw");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2005 David Maciejak");
  script_family("Web application abuses");
  script_dependencies("find_service.nasl", "no404.nasl", "webmirror.nasl", "DDI_Directory_Scanner.nasl", "global_settings.nasl");
  script_require_ports("Services/www", 80);
  script_exclude_keys("Settings/disable_cgi_scanning");

  script_tag(name:"solution", value:"Upgrade to the latest version of this software.");

  script_tag(name:"summary", value:"A vulnerability exists in the Greymatter version which may allow
  an attacker to execute arbitrary HTML and script code in the context of the user's browser.");

  script_tag(name:"qod_type", value:"remote_banner");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
include("list_array_func.inc");

port = http_get_port(default:80);

foreach dir( make_list_unique( "/greymatter", http_cgi_dirs( port:port ) ) ) {

  if( dir == "/" )
    dir = "";

  url = string(dir, "/gm.cgi");

  if(http_vuln_check(port:port, url:url, pattern:'<META NAME="Generator" CONTENT="Greymatter (0\\.|1\\.([0-2][0-9]*[a-z]?|3|3\\.[01]))">')) {
    report = http_report_vuln_url( port:port, url:url );
    security_message( port:port, data:report );
    exit( 0 );
  }
}

exit( 99 );

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Aug 2023 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS 24.3
EPSS0.00948
19