CVE-2005-1619

Properties

Published:
15.05.2005
Updated:
30.03.2007
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:C/A:P/B:N) Approximated
Product:
phpHeaven: PHPMyChat

Vulnerability description

Multiple cross-site scripting (XSS) vulnerabilities in (1) start-page.css.php3 or (2) style.css.php3 in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML commands via the FontName parameter.

References:

BUGTRAQ:http://marc.theaimsgroup.com/?l=bugtraq&m=111602076500031&w=2