1. CVE-Search
  2. CVE-2005-2650
ID CVE-2005-2650
Summary Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:emefa:emefa_guestbook:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:emefa:emefa_guestbook:1.2:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 05-09-2008 - 20:52)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 14599
confirm http://www.emefa.myserver.org/comp/guestview.php
misc
secunia 16489
Last major update 05-09-2008 - 20:52
Published 23-08-2005 - 04:00
Last modified 05-09-2008 - 20:52
Back to Top