ID CVE-2004-2511
Summary Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters in calendar.php; (4) the cid and (5) url parameters in index.php; (6) the cid parameter in annoucement.php; (7) the cid parameter in news.php; (8) the cid parameter in contents.php; (9) the q parameter in search.php; and (10) the country parameter in register.php.
References
Vulnerable Configurations
  • cpe:2.3:a:codeworx_technologies:dcp-portal:3.7
    cpe:2.3:a:codeworx_technologies:dcp-portal:3.7
  • cpe:2.3:a:codeworx_technologies:dcp-portal:4.0
    cpe:2.3:a:codeworx_technologies:dcp-portal:4.0
  • cpe:2.3:a:codeworx_technologies:dcp-portal:4.1
    cpe:2.3:a:codeworx_technologies:dcp-portal:4.1
  • cpe:2.3:a:codeworx_technologies:dcp-portal:4.2
    cpe:2.3:a:codeworx_technologies:dcp-portal:4.2
  • cpe:2.3:a:codeworx_technologies:dcp-portal:4.5.1
    cpe:2.3:a:codeworx_technologies:dcp-portal:4.5.1
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.0.1
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.0.1
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.0.2
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.0.2
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.1
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.1
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.2
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.2
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.3
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.3
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.3.1
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.3.1
  • cpe:2.3:a:codeworx_technologies:dcp-portal:5.3.2
    cpe:2.3:a:codeworx_technologies:dcp-portal:5.3.2
CVSS
Base: 4.3 (as of 14-11-2005 - 11:24)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
exploit-db via4
  • description DCP-Portal 3.7/4.x/5.x news.php cid Parameter XSS. CVE-2004-2511. Webapps exploit for php platform
    id EDB-ID:24662
    last seen 2016-02-02
    modified 2004-10-06
    published 2004-10-06
    reporter Alexander Antipov
    source https://www.exploit-db.com/download/24662/
    title DCP-Portal 3.7/4.x/5.x news.php cid Parameter XSS
  • description DCP-Portal 3.7/4.x/5.x calendar.php Multiple Parameter XSS. CVE-2004-2511. Webapps exploit for php platform
    id EDB-ID:24659
    last seen 2016-02-02
    modified 2004-10-06
    published 2004-10-06
    reporter Alexander Antipov
    source https://www.exploit-db.com/download/24659/
    title DCP-Portal 3.7/4.x/5.x calendar.php Multiple Parameter XSS
  • description DCP-Portal 3.7/4.x/5.x announcement.php cid Parameter XSS. CVE-2004-2511. Webapps exploit for php platform
    id EDB-ID:24661
    last seen 2016-02-02
    modified 2004-10-06
    published 2004-10-06
    reporter Alexander Antipov
    source https://www.exploit-db.com/download/24661/
    title DCP-Portal 3.7/4.x/5.x announcement.php cid Parameter XSS
nessus via4
NASL family CGI abuses : XSS
NASL id DCP_PORTAL_XSS.NASL
description The version of DCP-Portal installed on the remote host fails to sanitize input to the script 'calendar.php' before using it to generate dynamic HTML, that could let an attacker execute arbitrary code in the browser of a legitimate user. It may also be affected by HTML injection flaws, which could let an attacker to inject hostile HTML and script code that could permit cookie-based credentials to be stolen and other attacks, and HTTP response splitting flaw, that could let an attacker to influence or misrepresent how web content is served, cached or interpreted. DCP-Portal has been reported to be vulnerable to an HTTP response splitting attack via the PHPSESSID parameter when passed to the calendar.php script. However, Nessus has not checked for this issue.
last seen 2019-02-21
modified 2018-11-15
plugin id 11446
published 2003-03-23
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11446
title DCP-Portal Multiple Script XSS
refmap via4
bid
  • 11338
  • 11339
bugtraq 20041006 [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal
osvdb
  • 10585
  • 10587
  • 10588
  • 10589
  • 10590
  • 11405
sectrack 1006351
secunia 12751
xf
  • dcpportal-get-xss(17638)
  • dcpportal-post-xss(17639)
Last major update 05-09-2008 - 16:44
Published 31-12-2004 - 00:00
Last modified 10-07-2017 - 21:31
Back to Top