Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2005-4317
HistoryDec 17, 2005 - 11:00 a.m.

CVE-2005-4317

2005-12-1711:00:00
mitre
www.cve.org
1

6.6 Medium

AI Score

Confidence

High

0.435 Medium

EPSS

Percentile

97.4%

JSON

Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not protect the $_SERVER variable from external modification, which allows remote attackers to use the _SERVER[REMOTE_ADDR] parameter to (1) conduct cross-site scripting (XSS) attacks in the stats module or (2) execute arbitrary code via an eval injection attack in the wrapper option in index2.php.

Related

cve 1
nvd 1
openvas 2
nessus 1
cve
cve
CVE-2005-4317
2005-12-17 11:03:00
nvd
nvd
CVE-2005-4317
2005-12-17 11:03:00
openvas
openvas
Limbo CMS Multiple Vulnerabilities
2006-03-26 00:00:00
Limbo CMS Multiple Vulnerabilities
2006-03-26 00:00:00
nessus
nessus
Limbo CMS Multiple Vulnerabilities
2006-01-30 00:00:00

6.6 Medium

AI Score

Confidence

High

0.435 Medium

EPSS

Percentile

97.4%

JSON
Related for CVELIST:CVE-2005-4317
cve1nvd1openvas2nessus1