Multiple Cross-Site Scripting Vulnerabilities in Zomplog by Zomplog
CVE-2005-3308

Currently unrated

Key Information:

Vendor: Zomplog
Status: Zomplog
Vendor: CVE Published:; 26 October 2005

What is CVE-2005-3308?

Zomplog 3.4 is susceptible to multiple cross-site scripting vulnerabilities that allow remote attackers to inject arbitrary web scripts or HTML. These vulnerabilities can be exploited through various parameters including the name or comment parameters in detail.php, the username parameter in get.php, and the search parameter in index.php. Exploiting these weaknesses can result in unauthorized access and manipulation of user data, posing significant risks to website security.

References

http://www.securityfocus.com/bid/15168

vdb-entryx_refsource_BID

http://www.osvdb.org/20255

vdb-entryx_refsource_OSVDB

http://securitytracker.com/alerts/2005/Oct/1015088.html

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 26, 2005
Vulnerability Reserved
Oct 26, 2005

JSON