CVE-2005-1803

Net Portal Dynamic System - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.

Exploits (6)

exploitdb WRITEUP VERIFIED

by NoSP · textwebappsphp

https://www.exploit-db.com/exploits/25744

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by NoSP · textwebappsphp

https://www.exploit-db.com/exploits/25746

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by NoSP · textwebappsphp

https://www.exploit-db.com/exploits/25747

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by NoSP · textwebappsphp

https://www.exploit-db.com/exploits/25743

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by NoSP · textwebappsphp

https://www.exploit-db.com/exploits/25750

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by NoSP · textwebappsphp

https://www.exploit-db.com/exploits/25742

View Code ZIP pw:eip

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/16464

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014073

Vendor Advisory x_refsource_confirm

http://www.npds.org/download.php?op=geninfo&did=115

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/16922

Scores

EPSS 0.0036

EPSS Percentile 58.1%

Details

Status published

Products (1)

net_portal_dynamic_system/net_portal_dynamic_system 5.0

Published May 29, 2005

Tracked Since Feb 18, 2026