Vulnerabilities > CVE-2005-4028 - Cross-Site Scripting vulnerability in Amember
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
amember
Summary
Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login parameter to member.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |