Unrated severityNVD Advisory· Published Dec 5, 2005· Updated Apr 16, 2026

CVE-2005-4012

Description

Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php.

Affected products

Php Web/Statistik
cpe:2.3:a:php_web:statistik:1.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ush.it/2005/11/19/php-web-statistik/nvdExploitPatchVendor Advisory
cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00325.htmlnvdVendor Advisory
secunia.com/advisories/17789nvdVendor Advisory
freewebstat.com/changelog-english.htmlnvd
www.osvdb.org/21208nvd
www.osvdb.org/21212nvd
www.securityfocus.com/bid/15603nvd
www.vupen.com/english/advisories/2005/2645nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23379nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23385nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000