CVE-2005-4637
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-4637
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kayako SupportSuite 3.00.26 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) nav parameter in the downloads module, (2) Full Name and (3) Email fields in the core module, (4) Full Name, (5) Email, and (6) Subject fields in the tickets module, or (7) Registered Email field in the lostpassword feature in the core module.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Kayako SupportSuite多个跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Kayako SupportSuite 3.00.26及更早版本中的index.php存在多个跨站脚本攻击漏洞,远程攻击者可以通过(1)下载模块中的nav参数,在核心模块中的(2)全名和(3)电子邮件字段,在票模块中的(4)全名,(5)电子邮件和(6)主题字段或核心模块中lostpassword特性的(7)已注册电子邮局字段注入任意Web脚本或HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-4637
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-4637
Please Login to view more intelligence information
Same Patch Batch · n/a · 2006-01-09 · 52 CVEs total
| CVE-2006-0142 | Andromeda Andromeda.PHP跨站脚本攻击漏洞 | |
| CVE-2006-0151 | Sudo Python环境变量处理安全性绕过漏洞 | |
| CVE-2006-0150 | Dave Carrigan Auth_LDAP远程格式化字符串漏洞 | |
| CVE-2006-0145 | NetBSD KernFS LSEEK Kernel内存泄露漏洞 | |
| CVE-2006-0148 | NetSarang XLPD拒绝服务漏洞 | |
| CVE-2006-0147 | ADOdb for PHP 'tmssql.php'测试脚本动态代码求值漏洞 | |
| CVE-2006-0146 | ADOdb Server.PHP SQL注入漏洞 | |
| CVE-2006-0149 | SimpBook 跨站脚本攻击漏洞 | |
| CVE-2005-4352 | BSD SecureLevel时间设置安全性限制绕过漏洞 | |
| CVE-2005-4351 | FreeBSD、OpenBSD、DragonFly 绕过文件设置漏洞 | |
| CVE-2006-0083 | Stefan Frings SMS Server Tools本地格式化字符串漏洞 | |
| CVE-2006-0141 | Qualcomm Eudora Internet Mail Server多个拒绝服务漏洞 | |
| CVE-2006-0140 | Navboard多个BBCode跨站脚本攻击漏洞 | |
| CVE-2005-4592 | Bogofilter多个远程缓冲区溢出漏洞 | |
| CVE-2005-4591 | Bogofilter多个远程缓冲区溢出漏洞 | |
| CVE-2006-0139 | PD9 Software MegaBBS 信息泄露漏洞 | |
| CVE-2005-3540 | Petris本地缓冲区溢出漏洞 | |
| CVE-2005-2762 | Avaya VPNRemote VPN用户凭证泄露漏洞 | |
| CVE-2004-2653 | PD9 Software MegaBBS提升特权漏洞 | |
| CVE-2006-0138 | aMSN 拒绝服务漏洞 |
Showing top 20 of 52 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2005-4637
No comments yet