4.3

CVE-2005-3406

Cross-site scripting (XSS) vulnerability in phpESP 1.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ButterfatPhpesp Version1.3_final
ButterfatPhpesp Version1.4_beta1
ButterfatPhpesp Version1.4_beta2
ButterfatPhpesp Version1.4_beta3
ButterfatPhpesp Version1.4_final
ButterfatPhpesp Version1.5_final
ButterfatPhpesp Version1.5_rc1
ButterfatPhpesp Version1.5_rc2
ButterfatPhpesp Version1.5_rc3
ButterfatPhpesp Version1.6.1_final
ButterfatPhpesp Version1.6_final
ButterfatPhpesp Version1.6_rc1
ButterfatPhpesp Version1.6_rc2
ButterfatPhpesp Version1.6_rc3
ButterfatPhpesp Version1.7
ButterfatPhpesp Version1.7.1
ButterfatPhpesp Version1.7.2
ButterfatPhpesp Version1.7.5
ButterfatPhpesp Version1.7.5_dev1
ButterfatPhpesp Version1.7.5_dev2
ButterfatPhpesp Version1.7.5_dev3
ButterfatPhpesp Version1.7_dev
ButterfatPhpesp Version1.7_rc1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.33% 0.674
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://cvs.sourceforge.net/viewcvs.py/phpesp/phpESP/docs/CHANGES?rev=.&content-type=text/plain
http://secunia.com/advisories/17333
http://www.osvdb.org/20357
Patch
http://www.securityfocus.com/bid/15232
http://www.vupen.com/english/advisories/2005/2237
https://exchange.xforce.ibmcloud.com/vulnerabilities/22904