Vulnerabilities > CVE-2005-4555 - Input Validation vulnerability in DEV web Management System 1.5

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
dev
exploit available

Summary

Cross-site scripting (XSS) vulnerability in add.php in DEV web management system 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ENTER_ARTICLE_TITLE, (2) SPECIFY_ZONE, (3) ENTER_ARTICLE_HEADER, and (4) ENTER_ARTICLE_BODY indices in the language array parameter.

Vulnerable Configurations

Part Description Count
Application
Dev
1

Exploit-Db

descriptionDev Web Management System 1.5 add.php Multiple Parameter XSS. CVE-2005-4555. Webapps exploit for php platform
idEDB-ID:26978
last seen2016-02-03
modified2005-12-27
published2005-12-27
reporter[email protected]
sourcehttps://www.exploit-db.com/download/26978/
titleDev Web Management System 1.5 add.php Multiple Parameter XSS