Vulnerabilities > CVE-2005-0952 - Unspecified vulnerability in PHP Arena Pafiledb 3.1

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
php-arena
nessus
exploit available

Summary

Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Vulnerable Configurations

Part Description Count
Application
Php_Arena
1

Exploit-Db

descriptionpaFileDB 3.1 Cross Site Scripting Vulnerability. CVE-2004-1551,CVE-2004-1975,CVE-2005-0952. Webapps exploit for php platform
idEDB-ID:10667
last seen2016-02-01
modified2009-12-26
published2009-12-26
reporterindoushka
sourcehttps://www.exploit-db.com/download/10667/
titlepaFileDB 3.1 - Cross-Site Scripting Vulnerability

Nessus

NASL familyCGI abuses : XSS
NASL idPAFILEDB_XSS.NASL
descriptionThe version of paFileDB installed on the remote host is vulnerable to cross-site scripting attacks due to its failure to sanitize input to the
last seen2020-06-01
modified2020-06-02
plugin id11479
published2003-03-26
reporterThis script is Copyright (C) 2003-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/11479
titlepaFileDB pafiledb.php id Parameter XSS