Lucene search

[email protected]CVE-2005-4721

HistoryFeb 15, 2006 - 11:00 a.m.

CVE-2005-4721

2006-02-1511:00:00

[email protected]

web.nvd.nist.gov

cve-2005-4721

xss

search.cfm

tmspublisher 3.3

nvd

vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.1%

JSON

Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

Affected configurations

NVD

Node

the_media_shoppe_berhadtmspublisherMatch3.3

CPENameOperatorVersion
the_media_shoppe_berhad:tmspublisherthe media shoppe berhad tmspublishereq3.3

CPE	Name	Operator	Version
the_media_shoppe_berhad:tmspublisher	the media shoppe berhad tmspublisher	eq	3.3

References

developer.tmsasia.com/page.cfm?name=security

metawire.org/~adli/advisories/250405_tmspublisher_vulnerablility.signed.txt

www.osvdb.org/23014

www.securityfocus.com/bid/16816

exchange.xforce.ibmcloud.com/vulnerabilities/25275

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2005-4721

nvd1 cvelist1