Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 01/11/2005 Updated: 18/10/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Adaptive Technology Resource Centre

Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 up to and including 1.5.1-pl1 allow remote malicious users to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, (2) the _base_path parameter in news.inc.php, and (3) the p parameter in add_note.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adaptive technology resource centre atutor 1.4.2
adaptive technology resource centre atutor 1.4.3
adaptive technology resource centre atutor 1.4.1
adaptive technology resource centre atutor 1.5.1
adaptive technology resource centre atutor 1.5.1_pl1

NVD-CWE-Other http://secunia.com/secunia_research/2005-55/advisory/http://atutor.ca/view/3/6158/1.html http://www.osvdb.org/20347 http://www.osvdb.org/20348 http://www.osvdb.org/20349 http://secunia.com/advisories/16915/http://www.securityfocus.com/bid/15221 http://securitytracker.com/id?1015165 http://securityreason.com/securityalert/123 http://www.vupen.com/english/advisories/2005/2228 http://marc.info/?l=bugtraq&m=113043022821049&w=2 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-3403

Vulnerability Summary

References

Vulmon Search

About

Products

Connect