Lucene search

MitreCVE-2005-2884

HistorySep 14, 2005 - 8:03 p.m.

CVE-2005-2884

2005-09-1420:03:00

mitre

web.nvd.nist.gov

cve-2005-2884

cross-site scripting

xss

ldu 801

events.php

web script injection

html injection

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

72.4%

JSON

Cross-site scripting (XSS) vulnerability in events.php in Land Down Under (LDU) 801 and earlier allows remote attackers to inject arbitrary web script or HTML via the Description field in an event.

Affected configurations

Nvd

Node

neocromeland_down_underMatch601

neocromeland_down_underMatch602

neocromeland_down_underMatch700.01

neocromeland_down_underMatch700.02

neocromeland_down_underMatch700.03

neocromeland_down_underMatch700.04

neocromeland_down_underMatch700.05

neocromeland_down_underMatch701

neocromeland_down_underMatch800

neocromeland_down_underMatch801

VendorProductVersionCPE
neocromeland_down_under601cpe:2.3:a:neocrome:land_down_under:601:*:*:*:*:*:*:*
neocromeland_down_under602cpe:2.3:a:neocrome:land_down_under:602:*:*:*:*:*:*:*
neocromeland_down_under700.01cpe:2.3:a:neocrome:land_down_under:700.01:*:*:*:*:*:*:*
neocromeland_down_under700.02cpe:2.3:a:neocrome:land_down_under:700.02:*:*:*:*:*:*:*
neocromeland_down_under700.03cpe:2.3:a:neocrome:land_down_under:700.03:*:*:*:*:*:*:*
neocromeland_down_under700.04cpe:2.3:a:neocrome:land_down_under:700.04:*:*:*:*:*:*:*
neocromeland_down_under700.05cpe:2.3:a:neocrome:land_down_under:700.05:*:*:*:*:*:*:*
neocromeland_down_under701cpe:2.3:a:neocrome:land_down_under:701:*:*:*:*:*:*:*
neocromeland_down_under800cpe:2.3:a:neocrome:land_down_under:800:*:*:*:*:*:*:*
neocromeland_down_under801cpe:2.3:a:neocrome:land_down_under:801:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
neocrome	land_down_under	601	cpe:2.3:a:neocrome:land_down_under:601:::::::*
neocrome	land_down_under	602	cpe:2.3:a:neocrome:land_down_under:602:::::::*
neocrome	land_down_under	700.01	cpe:2.3:a:neocrome:land_down_under:700.01:::::::*
neocrome	land_down_under	700.02	cpe:2.3:a:neocrome:land_down_under:700.02:::::::*
neocrome	land_down_under	700.03	cpe:2.3:a:neocrome:land_down_under:700.03:::::::*
neocrome	land_down_under	700.04	cpe:2.3:a:neocrome:land_down_under:700.04:::::::*
neocrome	land_down_under	700.05	cpe:2.3:a:neocrome:land_down_under:700.05:::::::*
neocrome	land_down_under	701	cpe:2.3:a:neocrome:land_down_under:701:::::::*
neocrome	land_down_under	800	cpe:2.3:a:neocrome:land_down_under:800:::::::*
neocrome	land_down_under	801	cpe:2.3:a:neocrome:land_down_under:801:::::::*

References

marc.info/?l=bugtraq&m=112604873103252&w=2

secunia.com/advisories/16710/

www.securityfocus.com/bid/14746

exchange.xforce.ibmcloud.com/vulnerabilities/22195

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

72.4%

JSON

Related for CVE-2005-2884