1. CVE-Search
  2. CVE-2005-1115
ID CVE-2005-1115
Summary Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php.
References
Vulnerable Configurations
  • cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.6c:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.6d:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.7a:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.7a:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.8a:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:phpbb_group:phpbb:2.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:phpbb_group:phpbb:2.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:smartor:photo_album:2.0.53:*:*:*:*:*:*:*
    cpe:2.3:a:smartor:photo_album:2.0.53:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 18-10-2016 - 03:17)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid
  • 13157
  • 13158
bugtraq 20050413 Multiple Sql injection and XSS vulnerabilities in phpBB Plus and below and some of its modules
misc http://www.digitalparadox.org/advisories/phpbbp.txt
Last major update 18-10-2016 - 03:17
Published 02-05-2005 - 04:00
Last modified 18-10-2016 - 03:17
Back to Top