Vulnerabilities > CVE-2005-2674 - Unspecified vulnerability in Neocrome Land Down Under 800

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
neocrome
nessus
exploit available
NVD
Published: 2005-08-23
Updated: 2024-04-11

Summary

Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c or (2) m parameters to index.php or (3) w parameter to journal.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.

Vulnerable Configurations

Part Description Count
Application
Neocrome
1

Exploit-Db

descriptionLand Down Under 800 index.php Multiple Parameter XSS. CVE-2005-2674. Webapps exploit for php platform
idEDB-ID:26182
last seen2016-02-03
modified2005-08-20
published2005-08-20
reporterbl2k
sourcehttps://www.exploit-db.com/download/26182/
titleLand Down Under 800 index.php Multiple Parameter XSS

Nessus

  • NASL familyCGI abuses
    NASL idLDU_SQL_INJECTION.NASL
    descriptionThe remote version of Land Down Under is prone to various SQL injection and cross-site scripting attacks provided PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id19678
    published2005-09-06
    reporterCopyright (C) 2005-2018 Josh Zlatin-Amishav
    sourcehttps://www.tenable.com/plugins/nessus/19678
    titleLand Down Under <= 800 Multiple Vulnerabilities
  • NASL familyCGI abuses
    NASL idLDU_801.NASL
    descriptionThe remote version of Land Down Under is prone to several SQL injection and cross-site scripting attacks due to its failure to sanitize user-supplied input to several parameters used by the
    last seen2020-06-01
    modified2020-06-02
    plugin id19603
    published2005-09-09
    reporterCopyright (C) 2005-2018 Josh Zlatin-Amishav
    sourcehttps://www.tenable.com/plugins/nessus/19603
    titleLand Down Under <= 801 Multiple Vulnerabilities

References