Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1651

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-1651
Last Modified 05 Sep 2008 04:41:59
Published 31 Aug 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-1651

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the Schedule Name field.

Vulnerable Systems

Application

  • Brickhost Phpscheduleit 1.0 Rc1


References

BID - 11080

BUGTRAQ - 20040831 Multiple Vulnerabilities in phpScheduleIt

XF - phpscheduleit-xss(17193)

XF - phpscheduleit-script-injection(17194)

OSVDB - 9451

BUGTRAQ - 20040917 Re: Multiple Vulnerabilities in phpScheduleIt


Last Updated: 27 May 2016 10:39:08