Search criteria
3 vulnerabilities found for gossamer_threads_links-sql by gossamer_threads
FKIE_CVE-2005-1492
Vulnerability from fkie_nvd - Published: 2005-05-11 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gossamer_threads | gossamer_threads_links | 2.0 | |
| gossamer_threads | gossamer_threads_links | 2.2.0 | |
| gossamer_threads | gossamer_threads_links-sql | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gossamer_threads:gossamer_threads_links:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD11E263-3B04-4347-8F2B-7DD254A4BB88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gossamer_threads:gossamer_threads_links:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5780E720-F6FF-4E50-9C52-6CAA9B1EB219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gossamer_threads:gossamer_threads_links-sql:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A1BBD1-619D-4582-8ACA-016E913CE221",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter."
}
],
"id": "CVE-2005-1492",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029%3B"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/15253"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1013891"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/16189"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/13484"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029%3B"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/15253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1013891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/16189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/13484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2005-1492 (GCVE-0-2005-1492)
Vulnerability from cvelistv5 – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:51
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:51:50.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15253"
},
{
"name": "1013891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013891"
},
{
"name": "16189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/16189"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"name": "links-usercgi-addcgi-xss(20415)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029%3B"
},
{
"name": "13484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13484"
},
{
"name": "20050504 Gossamer Threads Links SQL login XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15253"
},
{
"name": "1013891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013891"
},
{
"name": "16189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/16189"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"name": "links-usercgi-addcgi-xss(20415)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029%3B"
},
{
"name": "13484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13484"
},
{
"name": "20050504 Gossamer Threads Links SQL login XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15253"
},
{
"name": "1013891",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013891"
},
{
"name": "16189",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16189"
},
{
"name": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/",
"refsource": "CONFIRM",
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"name": "links-usercgi-addcgi-xss(20415)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"name": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029;",
"refsource": "CONFIRM",
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029;"
},
{
"name": "13484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13484"
},
{
"name": "20050504 Gossamer Threads Links SQL login XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1492",
"datePublished": "2005-05-11T04:00:00",
"dateReserved": "2005-05-11T00:00:00",
"dateUpdated": "2024-08-07T21:51:50.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1492 (GCVE-0-2005-1492)
Vulnerability from nvd – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:51
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:51:50.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15253"
},
{
"name": "1013891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013891"
},
{
"name": "16189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/16189"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"name": "links-usercgi-addcgi-xss(20415)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029%3B"
},
{
"name": "13484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13484"
},
{
"name": "20050504 Gossamer Threads Links SQL login XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15253"
},
{
"name": "1013891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013891"
},
{
"name": "16189",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/16189"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"name": "links-usercgi-addcgi-xss(20415)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029%3B"
},
{
"name": "13484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13484"
},
{
"name": "20050504 Gossamer Threads Links SQL login XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15253"
},
{
"name": "1013891",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013891"
},
{
"name": "16189",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16189"
},
{
"name": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/",
"refsource": "CONFIRM",
"url": "http://www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/"
},
{
"name": "links-usercgi-addcgi-xss(20415)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20415"
},
{
"name": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029;",
"refsource": "CONFIRM",
"url": "http://gossamer-threads.com/perl/gforum/gforum.cgi?post=281029;"
},
{
"name": "13484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13484"
},
{
"name": "20050504 Gossamer Threads Links SQL login XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111531023916998\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1492",
"datePublished": "2005-05-11T04:00:00",
"dateReserved": "2005-05-11T00:00:00",
"dateUpdated": "2024-08-07T21:51:50.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}