Vulnerabilities > CVE-2005-2488 - Cross-Site Scripting vulnerability in Web Content Management
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Web Content Management List.php strTable Parameter XSS. CVE-2005-2488. Webapps exploit for php platform |
id | EDB-ID:26068 |
last seen | 2016-02-03 |
modified | 2005-08-03 |
published | 2005-08-03 |
reporter | rgod |
source | https://www.exploit-db.com/download/26068/ |
title | Web Content Management List.php strTable Parameter XSS |