Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2588

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2588
Last Modified 05 Sep 2008 04:52:09
Published 17 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2588

Summary

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.

Vulnerable Systems

Application

  • Dvbbs 7.1

  • Dvbbs 7.1 Sp2


References

OSVDB - 18512

SECTRACK - 1014632

SECUNIA - 16131

MISC - http://lostmon.blogspot.com/2005/08/dvbbs-multiple-variable-cross-site.html

BID - 14498


Last Updated: 27 May 2016 10:40:34