CVE-2004-1975

PHP Arena Pafiledb - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/10667

View on exploitdb

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=108311096022485&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=109613031414184&w=2

[Vendor Advisory] http://www.securityfocus.com/bid/10229

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15992

Scores

EPSS 0.0058

EPSS Percentile 68.6%

Classification

Status draft

Affected Products (3)

php_arena/pafiledb

Timeline

Published Apr 27, 2004

Tracked Since Feb 18, 2026