Vulnerabilities > CVE-2005-3790 - Cross-Site Scripting vulnerability in PHPWCMS

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

phpwcms

exploit available

NVD

Published: 2005-11-24

Updated: 2016-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters.

Vulnerable Configurations

Part	Description	Count
Application	Phpwcms Phpwcms Phpwcms 1.2.5_Dev	1

Exploit-Db

description	PHPWCMS 1.2.5 -DEV Multiple Cross-Site Scripting Vulnerabilities. CVE-2005-3790 . Webapps exploit for php platform
id	EDB-ID:26514
last seen	2016-02-03
modified	2005-11-15
published	2005-11-15
reporter	Stefan Lochbihler
source	https://www.exploit-db.com/download/26514/
title	PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities

References

http://marc.info/?l=bugtraq&m=113207712719472&w=2
http://secunia.com/advisories/17590/
http://securityreason.com/securityalert/182
http://www.securityfocus.com/bid/15440
http://www.vupen.com/english/advisories/2005/2452