4.3

CVE-2005-3959

Exploit

EPSS 1.87%
Veröffentlicht 01.12.2005 06:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the (1) site, (2) jsref, (3) jsres, and (4) jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and (5) the search key to stat.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Freewebstat ≫ Freewebstat Version1.0_rev37

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.87%	0.827

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/17783

Vendor Advisory

http://securitytracker.com/id?1015301

http://www.freewebstat.com/changelog-english.html

http://www.osvdb.org/21207

http://www.securityfocus.com/archive/1/417902/100/0/threaded

http://www.securityfocus.com/bid/15601

Exploit

http://www.ush.it/2005/11/25/free-web-stat/

Vendor Advisory

Exploit

http://www.vupen.com/english/advisories/2005/2646

https://exchange.xforce.ibmcloud.com/vulnerabilities/23387

https://exchange.xforce.ibmcloud.com/vulnerabilities/23391

https://nvd.nist.gov/vuln/detail/CVE-2005-3959

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3959

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3959

EUVD