4.3
CVE-2005-4063
- EPSS 1.7%
- Veröffentlicht 07.12.2005 11:03:00
- Zuletzt bearbeitet 16.06.2026 22:18:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) L, (2) sort, (3) category, (4) categoryname parameters to search.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netauctionhelp ≫ Netauctionhelp Version <= 3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.7% | 0.742 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2005/12/netauctionhelp-v30-xss-vuln.html
http://secunia.com/advisories/17902
http://www.osvdb.org/21474
http://www.securityfocus.com/bid/15737
http://www.vupen.com/english/advisories/2005/2761