Vulnerabilities > CVE-2005-3017 - Cross-Site Scripting vulnerability in Content2Web 1.0.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

content2web

NVD

Published: 2005-09-21

Updated: 2008-09-05

Summary

PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).

Vulnerable Configurations

Part	Description	Count
Application	Content2Web Content2Web Content2Web 1.0.1	1

References

http://securitytracker.com/id?1014900