CVE-2005-2884

Cross-site scripting (XSS) vulnerability in events.php in Land Down Under (LDU) 801 and earlier allows remote attackers to inject arbitrary web script or HTML via the Description field in an event.

Published: Sep 14, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2884
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
neocrome / land_down_under	601	601.x
neocrome / land_down_under	602	602.x
neocrome / land_down_under	700.01	700.01.x
neocrome / land_down_under	700.04	700.04.x
neocrome / land_down_under	701	701.x
neocrome / land_down_under	801	801.x
neocrome / land_down_under	700.02	700.02.x
neocrome / land_down_under	700.03	700.03.x
neocrome / land_down_under	800	800.x
neocrome / land_down_under	700.05	700.05.x

http://marc.info/?l=bugtraq&m=112604873103252&w=2
http://secunia.com/advisories/16710/
http://www.securityfocus.com/bid/14746
https://exchange.xforce.ibmcloud.com/vulnerabilities/22195

Vulnerability Database

290,206

CVE-2005-2884