CVE-2004-2484 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php.

Reference

http://cvs.sourceforge.net/viewcvs.py/phpgiftreg/src/event.php?r1=1.4&r2=1.5 http://cvs.sourceforge.net/viewcvs.py/phpgiftreg/src/index.php?r1=1.20&r2=1.21 http://secunia.com/advisories/13414 http://sourceforge.net/project/shownotes.php?release_id=288731 http://www.osvdb.org/12286 http://www.osvdb.org/12287 http://www.securityfocus.com/bid/11879 https://exchange.xforce.ibmcloud.com/vulnerabilities/18412

Share on: