Vulnerabilities > CVE-2005-4298 - Cross-Site Scripting vulnerability in AltantForum

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

atlantpro-com

exploit available

NVD

Published: 2005-12-16

Updated: 2011-03-08

Summary

Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) sch_allsubct, (2) before, and (3) ct parameters.

Vulnerable Configurations

Part	Description	Count
Application	Atlantpro.Com Atlantpro.Com Atlantforum *	1

Exploit-Db

description	AltantForum 4.0.2 Multiple Cross-Site Scripting Vulnerabilities. CVE-2005-4298. Webapps exploit for cgi platform
id	EDB-ID:26846
last seen	2016-02-03
modified	2005-12-15
published	2005-12-15
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26846/
title	AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References