Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4460

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-4460
Last Modified 07 Mar 2011 09:28:18
Published 21 Dec 2005 03:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-4460

Summary

Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Description, and (3) Comment fields to (a) links.php and (b) links_add.php.

Vulnerable Systems

Application

  • Beehive Forum 0.1

  • Beehive Forum 0.1.1

  • Beehive Forum 0.2

  • Beehive Forum 0.3

  • Beehive Forum 0.3.1

  • Beehive Forum 0.4

  • Beehive Forum 0.5

  • Beehive Forum 0.6.2

  • Beehive Forum 0.6rc1

  • Beehive Forum 0.6rc2


References

VUPEN - ADV-2005-3043

BUGTRAQ - 20051221 [KAPDA::#17] - beehiveforum Script Injection

MISC - http://cvs.sourceforge.net/viewcvs.py/beehiveforum/beehiveforum/forum/index.php?rev=1.121&view=log

XF - beehive-links-linksadd-xss(23879)

BID - 16002

SECUNIA - 18154


Last Updated: 27 May 2016 10:41:18