Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2720

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-2720
Last Modified 05 Sep 2008 04:44:55
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2720

Summary

Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter.

Vulnerable Systems

Application

  • Snitz Communications Snitz Forums 2000 3.4.04


References

BID - 10564

SECTRACK - 1010524

XF - snitz-input-validation-xss(16444)

BUGTRAQ - 20040617 XSS in Snitz Forum 2000

OSVDB - 7190

SECUNIA - 11895

CONFIRM - http://forum.snitz.com/forum/topic.asp?TOPIC_ID=53360

SREASON - 3200


Last Updated: 27 May 2016 10:39:36