CVE-2005-1030 in Active Auction Houseinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp.

Reservation

04/10/2005

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
82411	Active Auction House watchthisitem.asp cross site scripting	80	Proof-of-Concept	Not defined	CVE-2005-1030
82410	Active Auction House sendpassword.asp cross site scripting	80	Proof-of-Concept	Workaround	CVE-2005-1030
82385	Active Auction House account.asp cross site scripting	80	Proof-of-Concept	Not defined	CVE-2005-1030
24806	Active Web Softwares Active Auction House account.asp cross site scripting	80	Proof-of-Concept	Workaround	CVE-2005-1030

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!