Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via (1) the print parameter to the print module, the sitename parameter to (2) bb_smilies or (3) bbcode_ref module, or (4) the hlpfile parameter to openwindow.php.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=112603835317458&w=2 | |
http://rgod.altervista.org/maxdev1073.html | Exploit Vendor Advisory |
http://secunia.com/advisories/16731/ | Exploit Vendor Advisory |
http://www.securityfocus.com/bid/14751 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/22200 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-09-14T04:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-09-14T00:00:00
Link: CVE-2005-2886
JSON object: View
NVD Information
Status : Modified
Published: 2005-09-14T20:03:00.000
Modified: 2017-07-11T01:33:01.813
Link: CVE-2005-2886
JSON object: View
Redhat Information
No data.
CWE