CVE-2005-0925
Ublog Reload 1.0-1.0.4 - Cross-Site Scripting via login.asp msg Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0925. PoCs published by PersianHacker Team.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Ublog 1.0.4 and prior versions. It includes a proof-of-concept URL demonstrating the vulnerability but lacks executable exploit code.
Description
Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by PersianHacker Team · textwebappsphp
https://www.exploit-db.com/exploits/25317
The provided text describes a cross-site scripting (XSS) vulnerability in Ublog 1.0.4 and prior versions. It includes a proof-of-concept URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Ublog 1.0.4 and prior versions
No auth needed
Prerequisites:
Access to a vulnerable Ublog instance · Ability to craft a malicious URL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013603
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12931
Various Sources x_refsource_misc
http://www.persianhacker.net/news/news-2945.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/15121
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111214393101387&w=2
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14725
Scores
EPSS
0.0199
EPSS Percentile
78.2%
Details
Status
published
Published
May 02, 2005
Tracked Since
Feb 18, 2026