Published: 29/05/2005 Updated: 05/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 460

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote malicious users to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
net portal dynamic system net portal dynamic system 5.0

source: wwwsecurityfocuscom/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks This may result in the theft of authentication credentials, destruction or disclosure ...

source: wwwsecurityfocuscom/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks This may result in the theft of authentication credentials, destruction or dis ...

source: wwwsecurityfocuscom/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks This may result in the theft of authentication credentials, destruction or disclosure of sensi ...

source: wwwsecurityfocuscom/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks This may result in the theft of authentication credentials, destruction or disclosur ...

source: wwwsecurityfocuscom/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks This may result in the theft of authentication credentials, destruction or disclosure of sen ...

source: wwwsecurityfocuscom/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks This may result in the theft of authentication credentials, destruction or disclosure of s ...

NVD-CWE-Other http://www.npds.org/download.php?op=geninfo&did=115 http://securitytracker.com/id?1014073 http://www.osvdb.org/16464 http://www.osvdb.org/16922 https://nvd.nist.gov https://www.exploit-db.com/exploits/25746/

CVE-2005-1803

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect