Vulnerabilities > CVE-2005-1877 - Input Validation vulnerability in Lpanel 1.59

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

lpanel

NVD

Published: 2005-06-06

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter.

Vulnerable Configurations

Part	Description	Count
Application	Lpanel Lpanel Lpanel 1.59	1

References

http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034413.html
http://secunia.com/advisories/15589/
http://www.securityfocus.com/bid/13869