Vulnerabilities > CVE-2004-1979 - SQL Injection and Cross-Site Scripting vulnerability in Props 0.6.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
props
Summary
Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |