RSS   Vulnerabilities for 'Freewebstat'   RSS

2005-12-01
 
CVE-2005-3959

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the (1) site, (2) jsref, (3) jsres, and (4) jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and (5) the search key to stat.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top