Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2299

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2299
Last Modified 05 Sep 2008 04:51:24
Published 19 Jul 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2299

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) FID parameter to forum.cfm, (2) UID parameter to user.cfm, (3) TID parameter to thread.cfm, or (4) PostDate parameter to search.cfm.

Vulnerable Systems


References

BID - 14266

SECTRACK - 1014494

BUGTRAQ - 20050714 XSS in forums Simple Message Board Version 2.0 Beta 1

BID - 14269

BID - 14268

BID - 14267


Last Updated: 27 May 2016 10:40:28