Vulnerability CVE-2005-4333

Vulnerability CVE-2005-4333

Published: 2005-12-17 Modified: 2012-02-12

Description:

Multiple cross-site scripting (XSS) vulnerabilities in Binary Board System (BBS) 0.2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) inreplyto, (2) article, and (3) board parameters to reply.pl, (4) branch, (5) board, and (6) stats.pl parameters to (b) stats.pl, and (7) board parameter to (c) toc.pl.

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

Affected software
Binary-concepts -> Binary board system

References:

http://www.securityfocus.com/bid/15913

http://www.osvdb.org/21895

http://www.osvdb.org/21894

http://www.osvdb.org/21893

http://pridels0.blogspot.com/2005/12/binary-board-system-xss-vuln.html

Copyright 2024, cxsecurity.com