Vulnerabilities > CVE-2005-1803 - Unspecified vulnerability in NET Portal Dynamic System NET Portal Dynamic System 5.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
net-portal-dynamic-system
exploit available
NVD
Published: 2005-05-29
Updated: 2008-09-05

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.

Vulnerable Configurations

Part Description Count
Application
Net_Portal_Dynamic_System
1

Exploit-Db

  • descriptionNPDS 4.8 /5.0 reviews.php title Parameter XSS. CVE-2005-1803. Webapps exploit for php platform
    idEDB-ID:25746
    last seen2016-02-03
    modified2005-05-28
    published2005-05-28
    reporterNoSP
    sourcehttps://www.exploit-db.com/download/25746/
    titleNPDS 4.8 /5.0 reviews.php title Parameter XSS
  • descriptionNPDS 4.8 /5.0 powerpack_f.php language Parameter XSS. CVE-2005-1803. Webapps exploit for php platform
    idEDB-ID:25743
    last seen2016-02-03
    modified2005-05-28
    published2005-05-28
    reporterNoSP
    sourcehttps://www.exploit-db.com/download/25743/
    titleNPDS 4.8 /5.0 powerpack_f.php language Parameter XSS
  • descriptionNPDS 4.8 /5.0 admin.php language Parameter XSS. CVE-2005-1803. Webapps exploit for php platform
    idEDB-ID:25742
    last seen2016-02-03
    modified2005-05-28
    published2005-05-28
    reporterNoSP
    sourcehttps://www.exploit-db.com/download/25742/
    titleNPDS 4.8 /5.0 admin.php language Parameter XSS
  • descriptionNPDS 4.8 /5.0 reply.php image_subject Parameter XSS. CVE-2005-1803. Webapps exploit for php platform
    idEDB-ID:25747
    last seen2016-02-03
    modified2005-05-28
    published2005-05-28
    reporterNoSP
    sourcehttps://www.exploit-db.com/download/25747/
    titleNPDS 4.8 /5.0 reply.php image_subject Parameter XSS
  • descriptionNPDS 4.8 /5.0 faq.php categories Parameter XSS. CVE-2005-1803. Webapps exploit for php platform
    idEDB-ID:25750
    last seen2016-02-03
    modified2005-05-28
    published2005-05-28
    reporterNoSP
    sourcehttps://www.exploit-db.com/download/25750/
    titleNPDS 4.8 /5.0 faq.php categories Parameter XSS

References