1. CVE-Search
  2. CVE-2005-0952
ID CVE-2005-0952
Summary Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 19-10-2018 - 15:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bugtraq
  • 20050330 PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability
  • 20061008 XSS IN paFileDB 3.1
misc http://digitalparadox.org/advisories/pafdb.txt
xf pafiledb-action-xss(29394)
Last major update 19-10-2018 - 15:31
Published 02-05-2005 - 04:00
Last modified 19-10-2018 - 15:31
Back to Top