CyberSec.Space Logo
Back to CVE Browser

CVE-2005-0407

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile36.34th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.

Affected Platforms (CPE)

πŸ“¦
Zakon Group

Openconf

= 1.0
πŸ“¦
Zakon Group

Openconf

= 1.0_beta1
πŸ“¦
Zakon Group

Openconf

= 1.0_beta2
πŸ“¦
Zakon Group

Openconf

= 1.0_rc1
πŸ“¦
Zakon Group

Openconf

= 1.0_rc2
πŸ“¦
Zakon Group

Openconf

= 1.01
πŸ“¦
Zakon Group

Openconf

= 1.02
πŸ“¦
Zakon Group

Openconf

= 1.03
πŸ“¦
Zakon Group

Openconf

= 1.04

References & Advisories

πŸ”— http://seclists.org/lists/fulldisclosure/2005/Feb/0347.html
πŸ”— http://secunia.com/advisories/14294
πŸ”— http://www.redteam-pentesting.de/advisories/rt-sa-2005-007.txt
πŸ”— http://www.securityfocus.com/bid/12554
πŸ”— http://seclists.org/lists/fulldisclosure/2005/Feb/0347.html
πŸ”— http://secunia.com/advisories/14294
πŸ”— http://www.redteam-pentesting.de/advisories/rt-sa-2005-007.txt
πŸ”— http://www.securityfocus.com/bid/12554

Related Vulnerabilities

CVE-2012-100210.0

SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL comman...

CVE-2005-051910.0

ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (...

CVE-2005-103710.0

Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.

CVE-2005-052010.0

ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY comm...