Summary
The remote web server contains a PHP script which is vulnerable to a cross site scripting issue.
Description :
The remote host is running ATutor, a CMS written in PHP.
The remote version of this software is prone to cross-site scripting attacks due to its failure to sanitize user-supplied input.
Solution
Unknown at this time.
References
Severity
Classification
-
CVE CVE-2005-2649 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Apache Tomcat Multiple Vulnerabilities June-09
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability