CVE

Id
15163  
CVE No.
CVE-2005-3959  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the (1) site, (2) jsref, (3) jsres, and (4) jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and (5) the search key to stat.php.  
Phase
Assigned (20051201)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
118296 15163 CVE-2005-3959 BUGTRAQ:20051128 Free Web Stat Multiple XSS Vulnerabilities  View
118297 15163 CVE-2005-3959 URL:http://www.securityfocus.com/archive/1/archive/1/417902/100/0/threaded  View
118298 15163 CVE-2005-3959 MISC:http://www.ush.it/2005/11/25/free-web-stat/  View
118299 15163 CVE-2005-3959 MISC:http://www.freewebstat.com/changelog-english.html  View
118300 15163 CVE-2005-3959 BID:15601  View
118301 15163 CVE-2005-3959 URL:http://www.securityfocus.com/bid/15601  View
118302 15163 CVE-2005-3959 VUPEN:ADV-2005-2646  View
118303 15163 CVE-2005-3959 URL:http://www.vupen.com/english/advisories/2005/2646  View
118304 15163 CVE-2005-3959 OSVDB:21207  View
118305 15163 CVE-2005-3959 URL:http://www.osvdb.org/21207  View
118306 15163 CVE-2005-3959 SECTRACK:1015301  View
118307 15163 CVE-2005-3959 URL:http://securitytracker.com/id?1015301  View
118308 15163 CVE-2005-3959 SECUNIA:17783  View
118309 15163 CVE-2005-3959 URL:http://secunia.com/advisories/17783  View
118310 15163 CVE-2005-3959 XF:freewebstat-logdb-xss(23387)  View
118311 15163 CVE-2005-3959 URL:http://xforce.iss.net/xforce/xfdb/23387  View
118312 15163 CVE-2005-3959 XF:freewebstat-stat-search-xss(23391)  View

Related JVN