Back to search
CVE-2005-3795
Published: Nov 24, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to inject arbitrary web script or HTML via (1) the Err parameter in admin/index.php and the (2) firstname and (3) lastname parameters in index.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://myblog.it-security23.net/?postid=5
x_refsource_MISC
20891
vdb-entry
x_refsource_OSVDB
affiliate-network-index-xss(23075)
vdb-entry
x_refsource_XF
ADV-2005-2455
vdb-entry
x_refsource_VUPEN
20051115 Affiliate Network Pro v7.2 SQL Injections, Arbitrary code execution, XSS
mailing-list
x_refsource_BUGTRAQ
20892
vdb-entry
x_refsource_OSVDB
17605
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now