Vulnerabilities > CVE-2005-3991 - Cross-Site Scripting vulnerability in PHPheaven PHPmychat 0.14.6
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14.6 allow remote attackers to inject arbitrary web script or HTML via the medium parameter to (1) start_page.css.php and (2) style.css.php; or the From parameter to users_popupL.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description phpMyChat 0.14.6 style.css.php medium Parameter XSS. CVE-2005-3991. Webapps exploit for php platform id EDB-ID:26695 last seen 2016-02-03 modified 2005-12-01 published 2005-12-01 reporter Louis Wang source https://www.exploit-db.com/download/26695/ title phpMyChat 0.14.6 style.css.php medium Parameter XSS description phpMyChat 0.14.6 start_page.css.php medium Parameter XSS. CVE-2005-3991. Webapps exploit for php platform id EDB-ID:26694 last seen 2016-02-03 modified 2005-12-01 published 2005-12-01 reporter Louis Wang source https://www.exploit-db.com/download/26694/ title phpMyChat 0.14.6 start_page.css.php medium Parameter XSS description phpMyChat 0.14.6 users_popupL.php From Parameter XSS. CVE-2005-3991. Webapps exploit for php platform id EDB-ID:26696 last seen 2016-02-03 modified 2005-12-01 published 2005-12-01 reporter Louis Wang source https://www.exploit-db.com/download/26696/ title phpMyChat 0.14.6 users_popupL.php From Parameter XSS