ID CVE-2003-0481
Summary Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to file_select.php.
References
Vulnerable Configurations
  • cpe:2.3:a:gero_kohnert:tutos:1.1
    cpe:2.3:a:gero_kohnert:tutos:1.1
CVSS
Base: 4.3 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
exploit-db via4
description Tutos 1.1 File_Select.PHP Cross-Site Scripting Vulnerability. CVE-2003-0481. Webapps exploit for php platform
id EDB-ID:22818
last seen 2016-02-02
modified 2003-06-20
published 2003-06-20
reporter Fran├žois SORIN
source https://www.exploit-db.com/download/22818/
title Tutos 1.1 File_Select.PHP Cross-Site Scripting Vulnerability
nessus via4
NASL family CGI abuses
NASL id TUTOS_SQL_XSS.NASL
description The remote host is running Tutos, an open source team organization software package written in PHP. The remote version of this software is vulnerable to multiple input validation flaws that could allow an authenticated user to perform a cross-site scripting attack or a SQL injection against the remote service.
last seen 2019-02-21
modified 2018-08-01
plugin id 14784
published 2004-09-21
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=14784
title TUTOS < 1.2 Multiple Input Validation Vulnerabilities
refmap via4
bugtraq 20030623 [KSA-001] Multiple vulnerabilities in Tutos
Last major update 17-10-2016 - 22:34
Published 07-08-2003 - 00:00
Back to Top