← volver
CVE-2005-3902

CVE-2005-3902

EPSS 2.2%
Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in Virtual Hosting Control System (VHCS) 2.2.0 through 2.4.6.2 allows remote attackers to inject arbitrary web script or HTML via query strings that are included in an error message, as demonstrated using a parameter containing script.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/26559no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/039000.htmlhttp://marc.info/?l=bugtraq&m=113269811630139&w=2http://moritz-naumann.com/adv/0006/vhcsxss/0006.txthttp://secunia.com/advisories/17704/http://securityreason.com/securityalert/202https://exchange.xforce.ibmcloud.com/vulnerabilities/23209http://www.osvdb.org/21060http://www.securityfocus.com/bid/15538