CVE-2005-1006

Description

Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.

Related CPE's

Could not find any relations

References

20050404 SonicWALL SOHO/10 - XSS vulnerability

Broken LinkExploit

http://www.oliverkarow.de/research/SonicWall.txt

ExploitThird Party Advisory

12984

ExploitThird Party AdvisoryVDB Entry

1013638

Broken LinkThird Party AdvisoryVDB Entry

14823

Not Applicable

15261

Broken Link

15262

Broken Link

sonicwall-username-code-execution(19960)

Third Party AdvisoryVDB Entry

sonicwall-http-get-requests-xss(19958)

Third Party AdvisoryVDB Entry

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:M/Au:N/C:N/I:P/A:N
AccessVector	NETWORK
AccessComplexity	MEDIUM
Authentication	NONE
ConfidentialityImpact	NONE
IntegrityImpact	PARTIAL
AvailabilityImpact	NONE
BaseScore	4.300000190734863

Created by Yello

About Severity.io