CVE-2005-4567

Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts.

Published: Dec 29, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4567
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
floosietek / ftgate	4.4_build_4.4.000	4.4_build_4.4.000.x

http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1015.html
http://securitytracker.com/id?1015399
http://www.osvdb.org/22104
http://www.osvdb.org/22105
http://www.osvdb.org/22106
http://www.osvdb.org/22107
http://www.securityfocus.com/bid/15972
http://www.vupen.com/english/advisories/2005/3010

Vulnerability Database

CVE-2005-4567