Vulnerability Details CVE-2005-4567
Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.4%
CVSS Severity
CVSS v2 Score 5.8
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1015.html
- http://securitytracker.com/id?1015399
- http://www.osvdb.org/22104
- http://www.osvdb.org/22105
- http://www.osvdb.org/22106
- http://www.osvdb.org/22107
- http://www.securityfocus.com/bid/15972
- http://www.vupen.com/english/advisories/2005/3010
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1015.html
- http://securitytracker.com/id?1015399
- http://www.osvdb.org/22104
- http://www.osvdb.org/22105
- http://www.osvdb.org/22106
- http://www.osvdb.org/22107
- http://www.securityfocus.com/bid/15972
- http://www.vupen.com/english/advisories/2005/3010
Products affected by CVE-2005-4567
-
cpe:2.3:a:floosietek:ftgate:4.4_build_4.4.000