Lucene search

[email protected]NVD:CVE-2005-0949

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0949

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter.

Affected configurations

Nvd

Node

iatekportalapp

VendorProductVersionCPE
iatekportalapp*cpe:2.3:a:iatek:portalapp:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iatek	portalapp	*	cpe:2.3:a:iatek:portalapp::::::::

References

icis.digitalparadox.org/~dcrab/portalapp.txt

marc.info/?l=bugtraq&m=111213291118273&w=2

secunia.com/advisories/14749

securitytracker.com/id?1013591

www.securityfocus.com/bid/12936

exchange.xforce.ibmcloud.com/vulnerabilities/19891

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

JSON

Related for NVD:CVE-2005-0949

cvelist1 cve1 nessus1