Back to search
CVE-2005-1030
Published: Apr 9, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
15287
vdb-entry
x_refsource_OSVDB
13038
vdb-entry
x_refsource_BID
15286
vdb-entry
x_refsource_OSVDB
13036
vdb-entry
x_refsource_BID
13039
vdb-entry
x_refsource_BID
1013649
vdb-entry
x_refsource_SECTRACK
http://digitalparadox.org/advisories/aass.txt
x_refsource_MISC
20050406 Active Auction House has multiple Sql injection, error and XSS
mailing-list
x_refsource_BUGTRAQ
15284
vdb-entry
x_refsource_OSVDB
15285
vdb-entry
x_refsource_OSVDB
aah-multiple-scripts-xss(19975)
vdb-entry
x_refsource_XF
14839
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now