CVE-2005-0656: XSS
First published: Mon Mar 07 2005(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| auraCMS | =1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0656?
CVE-2005-0656 is considered a moderate severity vulnerability due to its potential for exploitation via cross-site scripting.
How do I fix CVE-2005-0656?
To fix CVE-2005-0656, you should update auraCMS to a version that addresses these XSS vulnerabilities.
What are the vulnerable components in CVE-2005-0656?
The vulnerable components in CVE-2005-0656 include hits.php, index.php, and counter.php in auraCMS 1.5.
Who is affected by CVE-2005-0656?
Users of auraCMS version 1.5 are affected by CVE-2005-0656.
What kind of attacks can exploit CVE-2005-0656?
CVE-2005-0656 can be exploited for cross-site scripting attacks, allowing attackers to inject arbitrary web scripts or HTML.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/arif supriyanto
- canonical/auracms
- version/auracms/1.5