QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2003-1204

Back to search

CVE-2003-1204

Published: May 19, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

7505
vdb-entry
x_refsource_OSVDB
7501
vdb-entry
x_refsource_OSVDB
7495
vdb-entry
x_refsource_OSVDB
7502
vdb-entry
x_refsource_OSVDB
7496
vdb-entry
x_refsource_OSVDB
7498
vdb-entry
x_refsource_OSVDB
mambo-multiple-scripts-xss(11050)
vdb-entry
x_refsource_XF
7500
vdb-entry
x_refsource_OSVDB
6571
vdb-entry
x_refsource_BID
7499
vdb-entry
x_refsource_OSVDB
7497
vdb-entry
x_refsource_OSVDB
7504
vdb-entry
x_refsource_OSVDB
7503
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now