Vulnerabilities > CVE-2005-4484 - Cross-Site Scripting vulnerability in IntranetApp

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

iatek

exploit available

NVD

Published: 2005-12-22

Updated: 2011-03-08

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2) do_search and (3) search parameters to content.asp.

Vulnerable Configurations

Part	Description	Count
Application	Iatek Iatek Intranetapp *	1

Exploit-Db

description	IntranetApp 3.3 content.asp Multiple Parameter XSS. CVE-2005-4484. Webapps exploit for asp platform
id	EDB-ID:26929
last seen	2016-02-03
modified	2005-12-21
published	2005-12-21
reporter	r0t
source	https://www.exploit-db.com/download/26929/
title	IntranetApp 3.3 content.asp Multiple Parameter XSS

description	IntranetApp 3.3 login.asp ret_page Parameter XSS. CVE-2005-4484. Webapps exploit for asp platform
id	EDB-ID:26928
last seen	2016-02-03
modified	2005-12-21
published	2005-12-21
reporter	r0t
source	https://www.exploit-db.com/download/26928/
title	IntranetApp 3.3 login.asp ret_page Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

References