Lucene search

[email protected]NVD:CVE-2004-1975

HistoryApr 27, 2004 - 4:00 a.m.

CVE-2004-1975

2004-04-2704:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

68.8%

JSON

Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.

Affected configurations

Nvd

Node

php_arenapafiledbMatch3.0

php_arenapafiledbMatch3.0_beta_3.1

php_arenapafiledbMatch3.1

VendorProductVersionCPE
php_arenapafiledb3.0cpe:2.3:a:php_arena:pafiledb:3.0:*:*:*:*:*:*:*
php_arenapafiledb3.0_beta_3.1cpe:2.3:a:php_arena:pafiledb:3.0_beta_3.1:*:*:*:*:*:*:*
php_arenapafiledb3.1cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_arena	pafiledb	3.0	cpe:2.3:a:php_arena:pafiledb:3.0:::::::*
php_arena	pafiledb	3.0_beta_3.1	cpe:2.3:a:php_arena:pafiledb:3.0_beta_3.1:::::::*
php_arena	pafiledb	3.1	cpe:2.3:a:php_arena:pafiledb:3.1:::::::*

References

marc.info/?l=bugtraq&m=108311096022485&w=2

marc.info/?l=bugtraq&m=109613031414184&w=2

www.securityfocus.com/bid/10229

exchange.xforce.ibmcloud.com/vulnerabilities/15992

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

68.8%

JSON

Related for NVD:CVE-2004-1975

cvelist2 cve2 exploitdb1 nvd1 nessus2