CVE-2005-0925

Ublog Reload 1.0-1.0.4 - Cross-Site Scripting via login.asp msg Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0925. PoCs published by PersianHacker Team.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Ublog 1.0.4 and prior versions. It includes a proof-of-concept URL demonstrating the vulnerability but lacks executable exploit code.

Description

Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by PersianHacker Team · textwebappsphp
https://www.exploit-db.com/exploits/25317

The provided text describes a cross-site scripting (XSS) vulnerability in Ublog 1.0.4 and prior versions. It includes a proof-of-concept URL demonstrating the vulnerability but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Ublog 1.0.4 and prior versions
No auth needed
Prerequisites: Access to a vulnerable Ublog instance · Ability to craft a malicious URL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1013603
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12931
Various Sources x_refsource_misc
http://www.persianhacker.net/news/news-2945.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/15121
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111214393101387&w=2
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/14725

Scores

EPSS 0.0199
EPSS Percentile 78.2%

Details

Status published
Published May 02, 2005
Tracked Since Feb 18, 2026