Lucene search

MitreCVE-2005-2332

HistoryJul 20, 2005 - 4:00 a.m.

CVE-2005-2332

2005-07-2004:00:00

mitre

web.nvd.nist.gov

cve-2005-2332

cross-site scripting

xss

phppageprotect

admin.php

security vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.004

Percentile

72.1%

JSON

Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a allows remote attackers to inject arbitrary web script or HTML via the username parameter to (1) admin.php or (2) login.php.

Affected configurations

Nvd

Node

php.warpedweb.netphppageprotectMatch1.0.0a

VendorProductVersionCPE
php.warpedweb.netphppageprotect1.0.0acpe:2.3:a:php.warpedweb.net:phppageprotect:1.0.0a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php.warpedweb.net	phppageprotect	1.0.0a	cpe:2.3:a:php.warpedweb.net:phppageprotect:1.0.0a:::::::*

References

secunia.com/advisories/16110

securitytracker.com/id?1014510

www.securityfocus.com/bid/14314

www.securityfocus.com/bid/14318

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.004

Percentile

72.1%

JSON

Related for CVE-2005-2332