Vulnerabilities > CVE-2005-4490 - Cross-Site Scripting vulnerability in Commercial Interactive Media SCOOP!
Summary
Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword and (2) invalid parameter to articleSearch.asp; (3) username and (4) invalid parameter to lostPassword.asp; (5) Username, (6) Password, and (7) invalid parameter to account_login.asp; (8) area, (9) articleZoneID, (10) r, and (11) invalid parameters to category.asp; and invalid parameters to (12) articleZone.asp, (13) prePurchaserRegistration.asp, and (14) requestDemo.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Commercial Interactive Media SCOOP! 2.3 articleSearch.asp XSS. CVE-2005-4490. Webapps exploit for asp platform id EDB-ID:26940 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26940/ title Commercial Interactive Media SCOOP! 2.3 articleSearch.asp XSS description Commercial Interactive Media SCOOP! 2.3 requestDemo.asp Invalid Parameter XSS. CVE-2005-4490. Webapps exploit for asp platform id EDB-ID:26946 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26946/ title Commercial Interactive Media SCOOP! 2.3 requestDemo.asp Invalid Parameter XSS description Commercial Interactive Media SCOOP! 2.3 account_login.asp Multiple Parameter XSS. CVE-2005-4490 . Webapps exploit for asp platform id EDB-ID:26942 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26942/ title Commercial Interactive Media SCOOP! 2.3 account_login.asp Multiple Parameter XSS description Commercial Interactive Media SCOOP! 2.3 articleZone.asp Invalid Parameter XSS. CVE-2005-4490. Webapps exploit for asp platform id EDB-ID:26944 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26944/ title Commercial Interactive Media SCOOP! 2.3 articleZone.asp Invalid Parameter XSS description Commercial Interactive Media SCOOP! 2.3 lostPassword.asp Multiple Parameter XSS. CVE-2005-4490 . Webapps exploit for asp platform id EDB-ID:26941 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26941/ title Commercial Interactive Media SCOOP! 2.3 lostPassword.asp Multiple Parameter XSS description Commercial Interactive Media SCOOP! 2.3 category.asp Multiple Parameter XSS. CVE-2005-4490. Webapps exploit for asp platform id EDB-ID:26943 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26943/ title Commercial Interactive Media SCOOP! 2.3 category.asp Multiple Parameter XSS description Commercial Interactive Media SCOOP! 2.3 prePurchaserRegistration.asp Invalid Parameter XSS. CVE-2005-4490. Webapps exploit for asp platform id EDB-ID:26945 last seen 2016-02-03 modified 2005-12-21 published 2005-12-21 reporter r0t3d3Vil source https://www.exploit-db.com/download/26945/ title Commercial Interactive Media SCOOP! 2.3 prePurchaserRegistration.asp Invalid Parameter XSS