Vulnerabilities > CVE-2005-4177 - Cross-Site Scripting vulnerability in Cfmagic Magic Book Personal and Magic Book Professional
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Magic Book Professional 2.0 Book.CFM Cross-Site Scripting Vulnerability. CVE-2005-4177. Webapps exploit for cfm platform |
| id | EDB-ID:26772 |
| last seen | 2016-02-03 |
| modified | 2005-12-12 |
| published | 2005-12-12 |
| reporter | r0t |
| source | https://www.exploit-db.com/download/26772/ |
| title | Magic Book Professional 2.0 Book.CFM Cross-Site Scripting Vulnerability |