CVE-2005-0674

Published: Mar 3, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request.

Affected (1)

Products: Php Arena: Pabox

Php Arena

1 product

Pabox

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Php Arena Pabox	Version 1.6

References (8)

http://marc.info/?l=bugtraq&m=110987537431541&w=2

Source: cve@mitre.org

http://secunia.com/advisories/14474

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1013363

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/12719

Source: cve@mitre.org

Vendor Advisory

http://marc.info/?l=bugtraq&m=110987537431541&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/14474

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1013363

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/12719

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.