Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4012

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-4012
Last Modified 07 Mar 2011 09:27:33
Published 05 Dec 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-4012

Summary

Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php.

Vulnerable Systems

Application

  • Php Web Statistik 1.4


References

MISC - http://www.ush.it/2005/11/19/php-web-statistik/

XF - phpwebstatistik-referer-xss(23385)

XF - phpwebstatistik-stat-xss(23379)

VUPEN - ADV-2005-2645

OSVDB - 21212

OSVDB - 21208

SECUNIA - 17789

MISC - http://freewebstat.com/changelog-english.html

BUGTRAQ - 20051128 Php Web Statistik Multiple Vulnerabilities

BID - 15603


Last Updated: 27 May 2016 10:41:08