CVE-2005-1135
Published 2005-05-02
Priority P418, medium, 4.3 (CVSS 2.0)
AV:N/AC:M/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 1.74% (74.8th percentile)
Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alexander_palmo | simple_php_blog | — | — |
| sphpblog | sphpblog | — | — |
GHSA
GHSA-q942-rf2r-qx3v: Cross-site scripting (XSS) vulnerability in search
ghsa_unreviewed·2022-05-01
CVE-2005-1135 [MEDIUM] GHSA-q942-rf2r-qx3v: Cross-site scripting (XSS) vulnerability in search
Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
GHSA
GHSA-wj69-4pwf-5mc7: Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2006-6032 [MEDIUM] GHSA-wj69-4pwf-5mc7: Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0
Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0.4.8, allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter in add_block.php or (2) the entry parameter in index.php, different vectors than CVE-2005-1135. NOTE: this has been reported to affect 0.8, but as of 20061121, the most recent version is only 0.4.9.
No detection rules found.
No writeups or analysis indexed.
http://echo.or.id/adv/adv12-y3dips-2005.txt
http://marc.info/?l=bugtraq&m=111359320312609&w=2
http://www.securityfocus.com/bid/13170
http://www.waraxe.us/ftopict-651.html