CGI abuses : XSS : PaNews Cross-Site Scripting Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51970

Categoría: CGI abuses : XSS

Título: PaNews Cross-Site Scripting Vulnerability

Resumen: NOSUMMARY

Descripción: Description:

The remote host has a version of paNews installed vulnerable
to a cross-site scripting attack that allows an attacker
to execute arbitrary code in the context of a visitor's browser.

Version 2.0b4 is known to be vulnerable.

Solution : Upgrade to a newer version of PaNews when available.
http://www.phparena.net/panews.php

Risk factor : High

CVSS Score:
6.8

Referencia Cruzada: BugTraq ID: 12576
Common Vulnerability Exposure (CVE) ID: CVE-2005-0485
http://www.securityfocus.com/bid/12576
Bugtraq: 20050216 [PersianHacker.NET 200505-06] paNews v2.0b4 XSS Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=110863062605906&w=2
XForce ISS Database: panews-commentphp-xss(19359)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19359

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51970
Categoría:	CGI abuses : XSS
Título:	PaNews Cross-Site Scripting Vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote host has a version of paNews installed vulnerable to a cross-site scripting attack that allows an attacker to execute arbitrary code in the context of a visitor's browser. Version 2.0b4 is known to be vulnerable. Solution : Upgrade to a newer version of PaNews when available. http://www.phparena.net/panews.php Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	BugTraq ID: 12576 Common Vulnerability Exposure (CVE) ID: CVE-2005-0485 http://www.securityfocus.com/bid/12576 Bugtraq: 20050216 [PersianHacker.NET 200505-06] paNews v2.0b4 XSS Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110863062605906&w=2 XForce ISS Database: panews-commentphp-xss(19359) https://exchange.xforce.ibmcloud.com/vulnerabilities/19359
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com