1. CVE-Search
  2. CVE-2005-4785
ID CVE-2005-4785
Summary Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author ("your name") and (2) "comment" section.
References
Vulnerable Configurations
  • cpe:2.3:a:jl_webworks:quickblogger:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:jl_webworks:quickblogger:1.4:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 14152
fulldisc 20050705 Quickblogger
misc http://exploitlabs.com/files/advisories/EXPL-A-2005-011-quickblogger.txt
sectrack 1014386
secunia 15942
vupen ADV-2005-0987
xf quickblogger-xss(21244)
Last major update 20-07-2017 - 01:29
Published 31-12-2005 - 05:00
Last modified 20-07-2017 - 01:29
Back to Top