Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3260

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3260
Last Modified 10 Sep 2008 03:46:07
Published 20 Oct 2005 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3260

Summary

Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php.

Vulnerable Systems

Application

  • Versatilebulletinboard 1.0.0.rc2


References

BID - 15073

SECUNIA - 17174

MISC - http://rgod.altervista.org/versatile100RC2.html

BUGTRAQ - 20051010 versatileBulletinBoard V1.0.0 RC2 (possibly prior versions)

OSVDB - 19971

OSVDB - 19970

OSVDB - 19969


Last Updated: 27 May 2016 10:40:52