CVE-2005-1440

Exploit

EPSS 3.19%
Veröffentlicht 03.05.2005 04:00:00
Zuletzt bearbeitet 16.06.2026 22:13:02
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) various parameters to basket.php, (2) the nickname, email, topic, and message fields in forum.php, as demonstrated using forum_new_thread.php and forum_thread.php, (3) the page parameter to page.php, (4) category_id and item_id parameters to reviews.php, (5) the category_id parameter to product_details.php, (6) the category_id or search_string parameters to products.php, or (7) the rp or page parameters to news_view.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Codetosell ≫ Viart Shop Enterprise Version2.1.6

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.19%	0.864

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lostmon.blogspot.com/2005/04/viart-shop-enterprise-multiple.html

Exploit

http://secunia.com/advisories/15181

http://securitytracker.com/id?1013853

Exploit

http://www.osvdb.org/15951

Vendor Advisory

Exploit

http://www.osvdb.org/15952

http://www.osvdb.org/15953

http://www.osvdb.org/15954

http://www.osvdb.org/15955

http://www.osvdb.org/15956

http://www.osvdb.org/15957

http://www.osvdb.org/15958

http://www.securityfocus.com/bid/13462

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2005-1440

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1440

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1440

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2005-1440