Description
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Morning Wood · textremotemultiple
https://www.exploit-db.com/exploits/25391
References (4)
Core 4
Core References
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13127
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13128
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13126
Mailing List mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=111330048629182&w=2
Scores
EPSS
0.0417
EPSS Percentile
88.7%
Details
Status
published
Products (17)
xampp/apache_distribution
0.1
xampp/apache_distribution
0.2
xampp/apache_distribution
0.3
xampp/apache_distribution
1.4.1
xampp/apache_distribution
1.4.2
xampp/apache_distribution
1.4.3
xampp/apache_distribution
1.4.4
xampp/apache_distribution
1.4.5
xampp/apache_distribution
1.4.6
xampp/apache_distribution
1.4.7
... and 7 more
Published
Apr 12, 2005
Tracked Since
Feb 18, 2026