Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1554

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2003-1554
Last Modified 05 Sep 2008 04:37:14
Published 31 Dec 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1554

Summary

Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.

Vulnerable Systems

Application

  • Scoznet Scozbook 1.1 Beta


References

XF - scozbook-add-xss(11658)

SECTRACK - 1006413

BID - 7235

BUGTRAQ - 20030329 ScozBook BETA 1.1 vulnerabilities

SECUNIA - 8476

SREASON - 3781


Last Updated: 27 May 2016 10:38:24