Published: 29/12/2005 Updated: 20/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the bNewWindow parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
paperthin commonspot content server 2.5
paperthin commonspot content server 3.0
paperthin commonspot content server
paperthin commonspot content server 3.2
paperthin commonspot content server 4.0

Several remote vulnerabilities have been discovered in the Ethereal network scanner The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4574 It was discovered that the MIME multipart dissector is vulnerable to denial of service caused by an off-by-one overflow CVE-2006-4805 It was discovered t ...

source: wwwsecurityfocuscom/bid/16071/info PaperThin CommonSpot Content Server is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in t ...

NVD-CWE-Other http://www.securityfocus.com/bid/16071 http://www.osvdb.org/21931 http://secunia.com/advisories/18257 http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html https://exchange.xforce.ibmcloud.com/vulnerabilities/23864 https://nvd.nist.gov https://www.debian.org/security/./dsa-1201 https://www.exploit-db.com/exploits/26986/

CVE-2005-4574

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect