{"api_version":"1","generated_at":"2026-05-07T13:27:32+00:00","cve":"CVE-2005-1962","urls":{"html":"https://cve.report/CVE-2005-1962","api":"https://cve.report/api/cve/CVE-2005-1962.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-1962","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-1962"},"summary":{"title":"CVE-2005-1962","description":"Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-06-16 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://securitytracker.com/id?1014128","name":"http://securitytracker.com/id?1014128","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Cerberus Helpdesk Input Validation Holes Permit Cross-Site Scripting Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://echo.or.id/adv/adv15-theday-2005.txt","name":"http://echo.or.id/adv/adv15-theday-2005.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"ECHO","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://forum.cerberusweb.com/showthread.php?threadid=5162&goto=newpost","name":"http://forum.cerberusweb.com/showthread.php?threadid=5162&goto=newpost","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://secunia.com/advisories/15641","name":"http://secunia.com/advisories/15641","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Cerberus Helpdesk \"errorcode\" Cross-Site Scripting","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-1962","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1962","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"1962","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cerberus","cpe5":"cerberus_helpdesk","cpe6":"0.97.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T22:06:57.763Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://forum.cerberusweb.com/showthread.php?threadid=5162&goto=newpost"},{"name":"1014128","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1014128"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://echo.or.id/adv/adv15-theday-2005.txt"},{"name":"15641","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/15641"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-06-07T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2006-01-12T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://forum.cerberusweb.com/showthread.php?threadid=5162&goto=newpost"},{"name":"1014128","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1014128"},{"tags":["x_refsource_MISC"],"url":"http://echo.or.id/adv/adv15-theday-2005.txt"},{"name":"15641","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/15641"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-1962","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://forum.cerberusweb.com/showthread.php?threadid=5162&goto=newpost","refsource":"CONFIRM","url":"http://forum.cerberusweb.com/showthread.php?threadid=5162&goto=newpost"},{"name":"1014128","refsource":"SECTRACK","url":"http://securitytracker.com/id?1014128"},{"name":"http://echo.or.id/adv/adv15-theday-2005.txt","refsource":"MISC","url":"http://echo.or.id/adv/adv15-theday-2005.txt"},{"name":"15641","refsource":"SECUNIA","url":"http://secunia.com/advisories/15641"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-1962","datePublished":"2005-06-14T04:00:00.000Z","dateReserved":"2005-06-14T00:00:00.000Z","dateUpdated":"2024-08-07T22:06:57.763Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-06-16 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cerberus:cerberus_helpdesk:0.97.3:*:*:*:*:*:*:*","matchCriteriaId":"23AC1428-278D-413A-981D-D01AAABF9D0E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"1962","Ordinal":"1","Title":"CVE-2005-1962","CVE":"CVE-2005-1962","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"1962","Ordinal":"1","NoteData":"Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php.","Type":"Description","Title":"CVE-2005-1962"},{"CveYear":"2005","CveId":"1962","Ordinal":"2","NoteData":"2005-06-14","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"1962","Ordinal":"3","NoteData":"2006-01-12","Type":"Other","Title":"Modified"}]}}}