Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0067

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-0067
Last Modified 13 Sep 2011 12:00:00
Published 17 Feb 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-0067

Summary

Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1.

Vulnerable Systems

Application

  • Phpgedview 2.65


References

BUGTRAQ - 20040112 More phpGedView Vulnerabilities

XF - phpgedview-login-xss(36285)

XF - phpgedview-multiple-xss(14212)

VUPEN - ADV-2007-2995

BID - 11907

BID - 11906

BID - 11905

BID - 11904

BID - 11903

BID - 11894

BID - 11891

BID - 11890

BID - 11888

BID - 11882

BID - 11880

BID - 11868

BUGTRAQ - 20070827 PhpGedView login page multiple XSS

OSVDB - 3479

OSVDB - 3478

OSVDB - 3477

OSVDB - 3476

OSVDB - 3475

OSVDB - 3474

OSVDB - 3473

SECTRACK - 1018613

SECUNIA - 26628


Last Updated: 27 May 2016 10:38:27