CVE-2005-3790 in phpwcmsinfo

Summary

by MITRE

Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 10/23/2025

The vulnerability identified as CVE-2005-3790 represents a critical cross-site scripting flaw discovered in phpwcms version 1.2.5 within the act_newsletter.php component. This vulnerability exposes the application to remote code execution through malicious web script injection, creating significant security risks for organizations relying on this content management system. The flaw specifically affects two parameter fields designated as i and text, which are processed without adequate input validation or output encoding mechanisms.

The technical implementation of this vulnerability stems from insufficient sanitization of user-supplied input parameters within the newsletter functionality of phpwcms. When attackers submit malicious payloads through the i and text parameters, the application fails to properly escape or validate these inputs before rendering them in the web page output. This processing gap creates an environment where attacker-controlled scripts can be executed within the context of other users' browsers, potentially leading to session hijacking, data theft, or further exploitation of the compromised systems. The vulnerability operates at the application layer and specifically targets the web interface components responsible for newsletter management.

From an operational perspective, this XSS vulnerability presents substantial risks to organizations using phpwcms 1.2.5, particularly those handling sensitive user data through newsletter functionality. Attackers could exploit this weakness to steal user sessions, deface websites, redirect users to malicious sites, or execute arbitrary commands on behalf of authenticated users. The remote nature of the attack means that exploitation can occur from any location without requiring physical access to the target system, making it particularly dangerous for web applications with public-facing interfaces. The impact extends beyond simple data corruption to potentially enable complete compromise of user sessions and unauthorized access to administrative functions.

Security mitigations for this vulnerability should prioritize immediate patching of the phpwcms application to the latest available version that addresses this specific XSS flaw. Organizations should implement comprehensive input validation and output encoding mechanisms throughout their web applications to prevent similar vulnerabilities from occurring. The implementation of content security policies and proper parameter sanitization techniques can significantly reduce the attack surface. Additionally, regular security assessments and code reviews should be conducted to identify and remediate potential injection vulnerabilities. This vulnerability aligns with CWE-79 which specifically addresses cross-site scripting flaws, and represents a classic example of how inadequate input validation can create persistent security weaknesses in web applications. The ATT&CK framework categorizes this under initial access and execution techniques, where adversaries leverage web application vulnerabilities to establish footholds within target environments. Organizations should also consider implementing web application firewalls and monitoring systems to detect and prevent exploitation attempts targeting such vulnerabilities.

Reservation

11/24/2005

Disclosure

11/24/2005

Moderation

accepted

Entry

VDB-27064

CPE

ready

Exploit

Download

EPSS

0.01754

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!