Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1886

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-1886
Last Modified 05 Sep 2008 04:50:20
Published 09 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-1886

Summary

Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via (1) the phid parameter or (2) unknown parameters when posting a new comment.

Vulnerable Systems

Application

  • Yapig 0.92b

  • Yapig 0.93u

  • Yapig 0.94u


References

BID - 13876

BID - 13875

OSVDB - 17118

MISC - http://secwatch.org/advisories/secwatch/20050530_yapig.txt

SECTRACK - 1014103

SECUNIA - 15600


Last Updated: 27 May 2016 10:40:20