paNews comment.php showpost Parameter XSS

medium Nessus Plugin ID 16479

Synopsis

The remote web server contains a PHP application that is affected by a cross-site scripting issue.

Description

According to its banner, the remote host is running a version of paNews that fails to sanitize input to the 'showpost' parameter of the 'comment.php' script before using it to generate dynamic web content. By coercing an unsuspecting user into visiting a malicious website, an attacker may be able to steal credentials or execute browser-side code.

Solution

Unknown at this time.

See Also

https://seclists.org/bugtraq/2005/Feb/307

Plugin Details

Severity: Medium

ID: 16479

File Name: panews_xss.nasl

Version: 1.17

Type: remote

Published: 2/16/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: www/panews

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2/17/2005

Reference Information

CVE: CVE-2005-0485

BID: 12576

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990