Vulnerabilities > CVE-2005-4241 - Input Validation vulnerability in VCD-DB

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

vcd-db

exploit available

NVD

Published: 2005-12-14

Updated: 2011-03-08

Summary

Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter.

Vulnerable Configurations

Part	Description	Count
Application	Vcd-Db VCD DB VCD DB 0.97 VCD DB VCD DB 0.98 VCD DB VCD DB 0.961 VCD DB VCD DB 0.971 VCD DB VCD DB 0.972 VCD DB VCD DB 0.973	6

Exploit-Db

description	VCD-db 0.9x Search Module batch Parameter XSS. CVE-2005-4241. Webapps exploit for php platform
id	EDB-ID:26796
last seen	2016-02-03
modified	2005-12-13
published	2005-12-13
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26796/
title	VCD-db 0.9x Search Module batch Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

References