Published: 23/11/2005 Updated: 14/02/2024

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) 1.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the subject in a post, or the user parameter to (2) profile.php and (3) mail.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phppost phppost 1.0

source: wwwsecurityfocuscom/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site The atta ...

source: wwwsecurityfocuscom/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site The attack ...

CWE-79 http://irannetjob.com/content/view/168/28/http://www.securityfocus.com/bid/15524 http://www.securityfocus.com/bid/15532 http://secunia.com/advisories/17706 http://www.osvdb.org/21057 http://www.osvdb.org/21059 http://www.vupen.com/english/advisories/2005/2533 http://www.securityfocus.com/archive/1/417434/30/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/26547/

CVE-2005-3770

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect