Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2649

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2649
Last Modified 05 Sep 2008 04:52:19
Published 23 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2649

Summary

Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.

Vulnerable Systems

Application

  • Adaptive Technology Resource Centre Atutor 1.5.1


References

XF - atutor-login-search-xss(21910)

BID - 14598

BUGTRAQ - 20050818 ATutor 1.5.1 and prior multiple XSS Vulnerabilities

SECUNIA - 16496


Last Updated: 27 May 2016 10:40:36