CVE-2004-1210

Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) part variables.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=110197682705001&w=2
http://www.kurczaba.com/html/security/0411291.htm
http://www.securityfocus.com/bid/11779	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/18301
http://marc.info/?l=bugtraq&m=110197682705001&w=2
http://www.kurczaba.com/html/security/0411291.htm
http://www.securityfocus.com/bid/11779	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/18301

Configurations

Configuration 1 (hide)

cpe:2.3:a:ipcop:ipcop:1.4.1:*:*:*:*:*:*:*

History

20 Nov 2024, 23:50

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=110197682705001&w=2 -~~	() http://marc.info/?l=bugtraq&m=110197682705001&w=2 -
References	~~() http://www.kurczaba.com/html/security/0411291.htm -~~	() http://www.kurczaba.com/html/security/0411291.htm -
References	~~() http://www.securityfocus.com/bid/11779 - Exploit~~	() http://www.securityfocus.com/bid/11779 - Exploit
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/18301 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/18301 -

Information

Published : 2005-01-10 05:00

Updated : 2024-11-20 23:50

NVD link : CVE-2004-1210

Mitre link : CVE-2004-1210

CVE.ORG link : CVE-2004-1210

JSON object : View

Products Affected

ipcop

ipcop

CWE

NVD-CWE-Other

6.8 /10