Vulnerabilities > CVE-2005-1233 - Cross-Site Scripting vulnerability in PHP Labs proFile Dir URI Variable
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description PHP Labs proFile Dir URI Variable Cross-Site Scripting Vulnerability. CVE-2005-1233. Webapps exploit for php platform id EDB-ID:25468 last seen 2016-02-03 modified 2005-04-20 published 2005-04-20 reporter sNKenjoi source https://www.exploit-db.com/download/25468/ title PHP Labs proFile Dir URI Variable Cross-Site Scripting Vulnerability description PHP Labs proFile File URI Variable Cross-Site Scripting Vulnerability. CVE-2005-1233. Webapps exploit for php platform id EDB-ID:25473 last seen 2016-02-03 modified 2005-04-20 published 2005-04-20 reporter sNKenjoi source https://www.exploit-db.com/download/25473/ title PHP Labs proFile File URI Variable Cross-Site Scripting Vulnerability
References
- http://secunia.com/advisories/15027
- http://securitytracker.com/id?1013756
- http://www.osvdb.org/15697
- http://www.securityfocus.com/bid/13276
- http://www.securityfocus.com/bid/13282
- http://www.snkenjoi.com/secadv/secadv7.txt
- http://www.vupen.com/english/advisories/2005/0370
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20169