CVE-2005-0782

Published: 02/05/2005 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the start parameter to pafiledb.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php arena pafiledb 3.0
php arena pafiledb 2.1.1
php arena pafiledb 3.1
php arena pafiledb 3.0 beta 3.1
php arena pafiledb 1.1.3

source: wwwsecurityfocuscom/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB These issues are reported to exist in the 'viewallphp' and 'categoryphp' scripts Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying d ...

source: wwwsecurityfocuscom/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB These issues are reported to exist in the 'viewallphp' and 'categoryphp' scripts Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying ...

NVD-CWE-Other http://digitalparadox.org/advisories/pafdb.txt http://www.securityfocus.com/bid/12788 http://marc.info/?l=bugtraq&m=111065796525043&w=2 http://marc.info/?l=bugtraq&m=111221940107161&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/19690 https://nvd.nist.gov https://www.exploit-db.com/exploits/25215/

CVE-2005-0782

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect