CyberSec.Space Logo
Back to CVE Browser

CVE-2005-0407

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile36.34th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.

Affected Platforms (CPE)

πŸ“¦
Zakon Group

Openconf

= 1.0
πŸ“¦
Zakon Group

Openconf

= 1.0_beta1
πŸ“¦
Zakon Group

Openconf

= 1.0_beta2
πŸ“¦
Zakon Group

Openconf

= 1.0_rc1
πŸ“¦
Zakon Group

Openconf

= 1.0_rc2
πŸ“¦
Zakon Group

Openconf

= 1.01
πŸ“¦
Zakon Group

Openconf

= 1.02
πŸ“¦
Zakon Group

Openconf

= 1.03
πŸ“¦
Zakon Group

Openconf

= 1.04

References & Advisories

πŸ”— http://seclists.org/lists/fulldisclosure/2005/Feb/0347.html
πŸ”— http://secunia.com/advisories/14294
πŸ”— http://www.redteam-pentesting.de/advisories/rt-sa-2005-007.txt
πŸ”— http://www.securityfocus.com/bid/12554
πŸ”— http://seclists.org/lists/fulldisclosure/2005/Feb/0347.html
πŸ”— http://secunia.com/advisories/14294
πŸ”— http://www.redteam-pentesting.de/advisories/rt-sa-2005-007.txt
πŸ”— http://www.securityfocus.com/bid/12554

Related Vulnerabilities

CVE-2012-100210.0

SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL comman...

CVE-2005-001110.0

Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distrib...

CVE-2005-005010.0

The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the len...

CVE-2005-005910.0

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute a...