Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2783

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2783
Last Modified 05 Sep 2008 04:52:41
Published 02 Sep 2005 07:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2783

Summary

Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and earlier allows remote attackers to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.

Vulnerable Systems

Application

  • Php Fusion 4.00

  • Php Fusion 4.01

  • Php Fusion 5.0

  • Php Fusion 5.01 Service Pack

  • Php Fusion 6.0.105

  • Php Fusion 6.0.106

  • Php Fusion 6.0.107


References

XF - phpfusion-bbcode-tags-xss(22056)

BID - 14688

SECUNIA - 16632

BUGTRAQ - 20050828 PHP-Fusion <= v6.00.107 XSS exploit


Last Updated: 27 May 2016 10:40:38