CVE-2005-2674 - Unspecified vulnerability in Neocrome Land Down Under 800
Attack vector | UNKNOWN |
Attack complexity | UNKNOWN |
Privileges required | UNKNOWN |
Confidentiality impact | UNKNOWN |
Integrity impact | UNKNOWN |
Availability impact | UNKNOWN |
Summary
Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c or (2) m parameters to index.php or (3) w parameter to journal.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Exploit-Db
description | Land Down Under 800 index.php Multiple Parameter XSS. CVE-2005-2674. Webapps exploit for php platform |
id | EDB-ID:26182 |
last seen | 2016-02-03 |
modified | 2005-08-20 |
published | 2005-08-20 |
reporter | bl2k |
source | https://www.exploit-db.com/download/26182/ |
title | Land Down Under 800 index.php Multiple Parameter XSS |
Nessus
NASL family | CGI abuses |
NASL id | LDU_SQL_INJECTION.NASL |
description | The remote version of Land Down Under is prone to various SQL injection and cross-site scripting attacks provided PHP |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 19678 |
published | 2005-09-06 |
reporter | Copyright (C) 2005-2018 Josh Zlatin-Amishav |
source | https://www.tenable.com/plugins/nessus/19678 |
title | Land Down Under <= 800 Multiple Vulnerabilities |

NASL family | CGI abuses |
NASL id | LDU_801.NASL |
description | The remote version of Land Down Under is prone to several SQL injection and cross-site scripting attacks due to its failure to sanitize user-supplied input to several parameters used by the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 19603 |
published | 2005-09-09 |
reporter | Copyright (C) 2005-2018 Josh Zlatin-Amishav |
source | https://www.tenable.com/plugins/nessus/19603 |
title | Land Down Under <= 801 Multiple Vulnerabilities |