Vulnerabilities > CVE-2005-0945 - Unspecified vulnerability in ASP Press ACS Blog 1.1.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

asp-press

exploit available

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in (1) img, (2) link, or (3) mail tags.

Vulnerable Configurations

Part	Description	Count
Application	Asp_Press ASP Press ACS Blog 1.1.1	1

Exploit-Db

description	ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection Vulnerability. CVE-2005-0945. Webapps exploit for asp platform
id	EDB-ID:25313
last seen	2016-02-03
modified	2005-03-28
published	2005-03-28
reporter	Dan Crowley
source	https://www.exploit-db.com/download/25313/
title	ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection Vulnerability

References

http://marc.info/?l=bugtraq&m=111214069029812&w=2
http://secunia.com/advisories/14744/
http://securitytracker.com/id?1013584
https://exchange.xforce.ibmcloud.com/vulnerabilities/19864