Vulnerabilities > CVE-2005-4489 - Cross-Site Scripting vulnerability in Scoop
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string in a story.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Scoop 1.1 RC1 Search Module Multiple Parameter XSS. CVE-2005-4489. Webapps exploit for php platform id EDB-ID:26938 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26938/ title Scoop 1.1 RC1 - Search Module Multiple Parameter XSS description Scoop 1.1 RC1 Missing Story Error XSS. CVE-2005-4489. Webapps exploit for php platform id EDB-ID:26939 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26939/ title Scoop 1.1 RC1 Missing Story Error XSS