ID CVE-2005-2010
Summary Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Reload 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the btitle parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:uapplication:ublog_reload:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:uapplication:ublog_reload:1.0.5:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 18-10-2016 - 03:24)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 13994
bugtraq 20050620 [ECHO_ADV_18$2005] Multiple SQL INJECTION in Ublog Reload 1.0.5
misc http://echo.or.id/adv/adv18-theday-2005.txt
vupen ADV-2005-0818
Last major update 18-10-2016 - 03:24
Published 20-06-2005 - 04:00
Last modified 18-10-2016 - 03:24
Back to Top