4.3
CVE-2005-1030
- EPSS 5.09%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:18
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Active Web Softwares ≫ Active Auction House Version7.1 Editionpro
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.09% | 0.913 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://digitalparadox.org/advisories/aass.txt
http://marc.info/?l=bugtraq&m=111280834000432&w=2
http://secunia.com/advisories/14839
http://www.securitytracker.com/alerts/2005/Apr/1013649.html
http://www.osvdb.org/15284
http://www.osvdb.org/15285
http://www.osvdb.org/15286
http://www.osvdb.org/15287
http://www.securityfocus.com/bid/13036
http://www.securityfocus.com/bid/13038
http://www.securityfocus.com/bid/13039
https://exchange.xforce.ibmcloud.com/vulnerabilities/19975