Zeroblog <= 1.2a Cross-Site Scripting Vulnerability Network Vulnerability

Summary

The remote host contains a PHP script that is vulnerable to cross-site scripting attacks. Description : The remote host appears to be running ZeroBlog. A vulnerability was identified in Zeroblog, which may be exploited by remote attackers to inject script code. ZeroBlog does not properly sanitize user input in the 'threadID', 'replyID' and 'albumID' parameters.

Solution

Unknown at this time.

Severity

Classification

CVE CVE-2005-3264
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

AbanteCart Multiple Cross-Site Scripting Vulnerabilities
Apache Archiva Home Page Cross-Site Scripting vulnerability
Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
Apache Struts2 showcase namespace XSS Vulnerability

Take action and discover your vulnerabilities