Vulnerabilities > CVE-2005-1077 - Remote HTML Injection vulnerability in XAMPP CDS.PHP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
Vulnerable Configurations
Exploit-Db
description | XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities. CVE-2005-1077. Remote exploits for multiple platform |
id | EDB-ID:25391 |
last seen | 2016-02-03 |
modified | 2005-04-12 |
published | 2005-04-12 |
reporter | Morning Wood |
source | https://www.exploit-db.com/download/25391/ |
title | XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities |
Nessus
NASL family | CGI abuses |
NASL id | XAMPP_MULTIPLE_VULNS.NASL |
description | The remote host is running XAMPP, an Apache distribution containing MySQL, PHP, and Perl. It is designed for easy installation and administration. The remote version of this software contains security flaws and password disclosure weaknesses that could allow an attacker to perform cross-site scripting attacks against the remote host or to gain administrative access on the remote host if no password has been set. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18036 |
published | 2005-04-13 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18036 |
title | XAMPP < 1.4.14 Multiple Vulnerabilities |
code |
|