Back to search
CVE-2005-2886
Published: Sep 14, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via (1) the print parameter to the print module, the sitename parameter to (2) bb_smilies or (3) bbcode_ref module, or (4) the hlpfile parameter to openwindow.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
16731
third-party-advisory
x_refsource_SECUNIA
mdpro-modules-openwindow-xss(22200)
vdb-entry
x_refsource_XF
http://rgod.altervista.org/maxdev1073.html
x_refsource_MISC
20050906 MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution / cross site scripting / path disclosure
mailing-list
x_refsource_BUGTRAQ
14751
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now