Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=110868948719773&w=2 | Exploit Mailing List Third Party Advisory |
http://marc.info/?l=full-disclosure&m=110864983905770&w=2 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/12583 | Patch Third Party Advisory VDB Entry Vendor Advisory |
http://marc.info/?l=bugtraq&m=110868948719773&w=2 | Exploit Mailing List Third Party Advisory |
http://marc.info/?l=full-disclosure&m=110864983905770&w=2 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/12583 | Patch Third Party Advisory VDB Entry Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=110868948719773&w=2 - Exploit, Mailing List, Third Party Advisory | |
References | () http://marc.info/?l=full-disclosure&m=110864983905770&w=2 - Exploit, Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/12583 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory |
02 Feb 2024, 16:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
References | (FULLDISC) http://marc.info/?l=full-disclosure&m=110864983905770&w=2 - Exploit, Mailing List, Third Party Advisory | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=110868948719773&w=2 - Exploit, Mailing List, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/12583 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
First Time |
Guillaumegardey
Guillaumegardey biborb |
|
CPE | cpe:2.3:a:guillaumegardey:biborb:1.3.2:rc:*:*:*:*:*:* cpe:2.3:a:guillaumegardey:biborb:1.3.2:-:*:*:*:*:*:* |
Information
Published : 2005-05-02 04:00
Updated : 2024-11-20 23:54
NVD link : CVE-2005-0251
Mitre link : CVE-2005-0251
CVE.ORG link : CVE-2005-0251
JSON object : View
Products Affected
guillaumegardey
- biborb
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')