Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2005-4878
HistoryFeb 18, 2009 - 8:30 p.m.

CVE-2005-4878

2009-02-1820:30:00
CWE-79
mitre
web.nvd.nist.gov
20
cve-2005-4878
cross-site scripting
xss
acid
base
remote attack
web script injection
html injection

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6

Confidence

High

EPSS

0.004

Percentile

75.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to inject arbitrary web script or HTML via the sig[1] parameter and possibly other parameters, a different vulnerability than CVE-2007-6156.

Affected configurations

Nvd
Node
acidanalysis_console_for_intrusion_databasesMatch0.9.6b20
OR
secureideasbasic_analysis_and_security_engineMatch1.2
VendorProductVersionCPE
acidanalysis_console_for_intrusion_databases0.9.6b20cpe:2.3:a:acid:analysis_console_for_intrusion_databases:0.9.6b20:*:*:*:*:*:*:*
secureideasbasic_analysis_and_security_engine1.2cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2:*:*:*:*:*:*:*

Related

cvelist 2
ubuntucve 2
nvd 2
nessus 1
prion 1
cve 1
cvelist
cvelist
CVE-2005-4878
2009-02-18 20:00:00
CVE-2007-6156
2007-11-29 01:00:00
ubuntucve
ubuntucve
CVE-2005-4878
2009-02-18 00:00:00
CVE-2007-6156
2007-11-29 00:00:00
nvd
nvd
CVE-2005-4878
2009-02-18 20:30:00
CVE-2007-6156
2007-11-29 01:46:00
nessus
nessus
Debian DSA-893-1 : acidlab - missing input sanitising
2006-10-14 00:00:00
prion
prion
Cross site scripting
2007-11-29 01:46:00
cve
cve
CVE-2007-6156
2007-11-29 01:46:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6

Confidence

High

EPSS

0.004

Percentile

75.1%

JSON
Related for CVE-2005-4878
cvelist2ubuntucve2nvd2nessus1prion1cve1