CVE-2005-1999

Published: Jun 15, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php).

Affected (1)

Products: Php Arena: Pafiledb

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Php Arena Pafiledb	Version 3.1

References (8)

http://marc.info/?l=bugtraq&m=111885787217807&w=2

Source: cve@mitre.org

http://www.gulftech.org/?node=research&article_id=00082-06142005

Source: cve@mitre.org

ExploitPatch

http://www.phparena.net/

Source: cve@mitre.org

Patch

http://www.phparena.net/pafiledb_patch/

Source: cve@mitre.org

Patch

http://marc.info/?l=bugtraq&m=111885787217807&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gulftech.org/?node=research&article_id=00082-06142005

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.phparena.net/

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.phparena.net/pafiledb_patch/

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.