Vulnerabilities > CVE-2005-3406 - Input Validation vulnerability in PHPESP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
butterfat
Summary
Cross-site scripting (XSS) vulnerability in phpESP 1.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Vulnerable Configurations
References
- http://cvs.sourceforge.net/viewcvs.py/phpesp/phpESP/docs/CHANGES?rev=.&content-type=text/plain
- http://secunia.com/advisories/17333
- http://www.osvdb.org/20357
- http://www.securityfocus.com/bid/15232
- http://www.vupen.com/english/advisories/2005/2237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22904