CVE-2005-3955

Blogbuddies - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php.

Exploits (2)

exploitdb WORKING POC VERIFIED

by gb.network · textwebappsphp

https://www.exploit-db.com/exploits/26574

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by gb.network · textwebappsphp

https://www.exploit-db.com/exploits/26573

View Code ZIP pw:eip

References (15)

Core 15

Core References

Various Sources x_refsource_misc

http://retrogod.altervista.org/JAWS_062_sql.html

Patch x_refsource_confirm

http://sourceforge.net/tracker/index.php?func=detail&aid=1366743&group_id=127552&atid=708847

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/27337

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20842

Mailing List mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2015/May/35

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17741

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015264

Various Sources x_refsource_misc

http://www.jaws-project.com/index.php?blog/show/29

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21113

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15555

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/438434/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21112

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/2546

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21643

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/18665

Scores

EPSS 0.0256

EPSS Percentile 85.7%

Details

CWE

CWE-79

Status published

Products (3)

blogbuddies/blogbuddies 0.3

jaws/jaws 0.6.2

magpierss/magpierss 7.1

Published Dec 01, 2005

Tracked Since Feb 18, 2026