Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1832

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-1832
Last Modified 05 Sep 2008 04:50:13
Published 31 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-1832

Summary

Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php.

Vulnerable Systems

Application

  • Mybulletinboard 1.00 Rc4


References

CONFIRM - http://www.mybboard.com/community/showthread.php?tid=2559

SECUNIA - 15552

BUGTRAQ - 20050531 Multiple vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4


Last Updated: 27 May 2016 10:40:18