Cross-Site Scripting Vulnerabilities in phpwcms by phpwcms Team
CVE-2005-3790

Currently unrated

Key Information:

Vendor

phpwcms Team

Status
phpwcms
Vendor
CVE Published:
24 November 2005

What is CVE-2005-3790?

Multiple cross-site scripting vulnerabilities exist in the act_newsletter.php script of phpwcms 1.2.5. These vulnerabilities enable remote attackers to inject arbitrary web scripts or HTML through the 'i' and 'text' parameters, potentially compromising the security of the web application and its users.

References

http://www.securityfocus.com/bid/15440
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2005/2452
vdb-entryx_refsource_VUPEN
http://marc.info/?l=bugtraq&m=113207712719472&w=2
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.