4.3
CVSSv2

CVE-2005-0782

Published: 02/05/2005 Updated: 11/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 440
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the start parameter to pafiledb.php.

Vulnerable Product Search on Vulmon Subscribe to Product

php arena pafiledb 3.0

php arena pafiledb 2.1.1

php arena pafiledb 3.1

php arena pafiledb 3.0 beta 3.1

php arena pafiledb 1.1.3

Exploits

source: wwwsecurityfocuscom/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB These issues are reported to exist in the 'viewallphp' and 'categoryphp' scripts Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying d ...
source: wwwsecurityfocuscom/bid/12788/info Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB These issues are reported to exist in the 'viewallphp' and 'categoryphp' scripts Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying ...