Lucene search
MitreCVE-2005-0723HistoryMar 12, 2005 - 5:00 a.m.
CVE-2005-0723
2005-03-1205:00:00
mitre
web.nvd.nist.gov
21
cve-2005-0723
cross-site scripting
xss
pafiledb
security vulnerability
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
49.7%
Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php.
Affected configurations
Node
php_arenapafiledbMatch3.1
Related
cvelist
cvelist
CVE-2005-0723
2005-03-12 05:00:00
nvd
nvd
CVE-2005-0723
2005-03-08 05:00:00
nessus
nessus
paFileDB <= 3.1 Multiple Vulnerabilities (2)
2005-03-15 00:00:00
paFileDB <= 3.1 Multiple Vulnerabilities (1)
2003-07-24 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
49.7%
Related for CVE-2005-0723