ID |
CVE-2005-0495
|
Summary |
Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3) page parameter to zboard.php or (4) filename to view_image.php. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:zeroboard:zeroboard:4.1_pl2:*:*:*:*:*:*:*
cpe:2.3:a:zeroboard:zeroboard:4.1_pl2:*:*:*:*:*:*:*
-
cpe:2.3:a:zeroboard:zeroboard:4.1_pl3:*:*:*:*:*:*:*
cpe:2.3:a:zeroboard:zeroboard:4.1_pl3:*:*:*:*:*:*:*
-
cpe:2.3:a:zeroboard:zeroboard:4.1_pl4:*:*:*:*:*:*:*
cpe:2.3:a:zeroboard:zeroboard:4.1_pl4:*:*:*:*:*:*:*
-
cpe:2.3:a:zeroboard:zeroboard:4.1_pl5:*:*:*:*:*:*:*
cpe:2.3:a:zeroboard:zeroboard:4.1_pl5:*:*:*:*:*:*:*
-
cpe:2.3:a:zeroboard:zeroboard:4.1_pl6:*:*:*:*:*:*:*
cpe:2.3:a:zeroboard:zeroboard:4.1_pl6:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.3 (as of 11-07-2017 - 01:32) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bugtraq | 20050219 Multiples vulnerability in ZeroBoard, | sectrack | 1013243 | xf | zeroboard-xss(19420) |
|
Last major update |
11-07-2017 - 01:32 |
Published |
19-02-2005 - 05:00 |
Last modified |
11-07-2017 - 01:32 |