Vulnerabilities > CVE-2004-1845 - Multiple vulnerability in Expinion.Net News Manager Lite 2.5
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Expinion.net News Manager Lite 2.5 category_news_headline.asp XSS. CVE-2004-1845. Webapps exploit for asp platform id EDB-ID:23859 last seen 2016-02-02 modified 2004-03-20 published 2004-03-20 reporter Manuel Lopez source https://www.exploit-db.com/download/23859/ title Expinion.net News Manager Lite 2.5 category_news_headline.asp XSS description Expinion.net News Manager Lite 2.5 search.asp XSS. CVE-2004-1845. Webapps exploit for asp platform id EDB-ID:23858 last seen 2016-02-02 modified 2004-03-20 published 2004-03-20 reporter Manuel Lopez source https://www.exploit-db.com/download/23858/ title Expinion.net News Manager Lite 2.5 - search.asp XSS description Expinion.net News Manager Lite 2.5 comment_add.asp XSS. CVE-2004-1845. Webapps exploit for asp platform id EDB-ID:23857 last seen 2016-02-02 modified 2004-03-20 published 2004-03-20 reporter Manuel Lopez source https://www.exploit-db.com/download/23857/ title Expinion.net News Manager Lite 2.5 comment_add.asp XSS