Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0339

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2004-0339
Last Modified 05 Sep 2008 04:38:10
Published 23 Nov 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-0339

Summary

Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter.

Vulnerable Systems

Application

  • Phpbb Group Phpbb 2.0

  • Phpbb Group Phpbb 2.0 Rc4

  • Phpbb Group Phpbb 2.0.1

  • Phpbb Group Phpbb 2.0.2

  • Phpbb Group Phpbb 2.0.3

  • Phpbb Group Phpbb 2.0.4

  • Phpbb Group Phpbb 2.0.5

  • Phpbb Group Phpbb 2.0.6

  • Phpbb Group Phpbb 2.0.6c


References

BID - 9765

XF - phpbb-viewtopicphp-xss(15348)

BUGTRAQ - 20040228 New phpBB ViewTopic.php Cross Site Scripting Vulnerability


Last Updated: 27 May 2016 10:38:34