Vulnerability Details : CVE-2005-1444
Potential exploit
Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to inject arbitrary web script or HTML via (1) the v, show, or sec_name parameters to main.php, (2) the inadmin, newsev, or postid parameters to 5.php, or (3) the id parameter to 0.php.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2005-1444
- cpe:2.3:a:sitepanel:sitepanel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-1444
2.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-1444
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2005-1444
-
http://www.osvdb.org/16263
-
http://www.osvdb.org/16264
-
http://www.gulftech.org/?node=research&article_id=00072-05032005
Exploit;Patch
-
http://secunia.com/advisories/15213
About Secunia Research | FlexeraExploit;Patch;Vendor Advisory
-
http://forum.sitepanel2.com/index.php?showtopic=271
-
http://www.osvdb.org/16262
Jump to