CVE-2005-3014 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-3014

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.

Affected Software

Name	Vendor	Start Version	End Version
Webppliance	Ensim	3.0 (including)	3.0 (including)
Webppliance	Ensim	3.1 (including)	3.1 (including)
Webppliance	Ensim	3.1.1 (including)	3.1.1 (including)

References

http://membres.lycos.fr/newnst/exploit/Ensim_Autentification_XSS_By_ConcorDHacK.html
http://www.securityfocus.com/bid/14836
http://www.zataz.com/forum/viewtopic.php?id=113
http://membres.lycos.fr/newnst/exploit/Ensim_Autentification_XSS_By_ConcorDHacK.html
http://www.securityfocus.com/bid/14836
http://www.zataz.com/forum/viewtopic.php?id=113