Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1823

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-1823
Last Modified 05 Sep 2008 04:42:26
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-1823

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php.

Vulnerable Systems

Application

  • Jelsoft Vbulletin 3.0.0

  • Jelsoft Vbulletin 3.0.0 Can4


References

SECUNIA - 11142

XF - vbulletin-showthread-xss(15495)

BID - 9889

BID - 9888

BUGTRAQ - 20040316 JelSoft vBulletin Multiple XSS Vulnerabilities

OSVDB - 4311

OSVDB - 4310

SECTRACK - 1009440


Last Updated: 27 May 2016 10:39:12