Lucene search

MitreCVE-2005-1115

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1115

2005-05-0204:00:00

mitre

web.nvd.nist.gov

cve

2005

1115

xss

vulnerability

photo album

phpbb

remote attackers

web script

html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

77.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php.

Affected configurations

Nvd

Node

phpbb_groupphpbbMatch2.0.0

phpbb_groupphpbbMatch2.0.1

phpbb_groupphpbbMatch2.0.2

phpbb_groupphpbbMatch2.0.3

phpbb_groupphpbbMatch2.0.4

phpbb_groupphpbbMatch2.0.5

phpbb_groupphpbbMatch2.0.6

phpbb_groupphpbbMatch2.0.6c

phpbb_groupphpbbMatch2.0.6d

phpbb_groupphpbbMatch2.0.7

phpbb_groupphpbbMatch2.0.7a

phpbb_groupphpbbMatch2.0.8

phpbb_groupphpbbMatch2.0.8a

phpbb_groupphpbbMatch2.0.9

phpbb_groupphpbbMatch2.0.10

phpbb_groupphpbbMatch2.0.11

phpbb_groupphpbbMatch2.0.12

phpbb_groupphpbbMatch2.0.13

smartorphoto_albumMatch2.0.53

VendorProductVersionCPE
phpbb_groupphpbb2.0.0cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.1cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.2cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.3cpe:2.3:a:phpbb_group:phpbb:2.0.3:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.4cpe:2.3:a:phpbb_group:phpbb:2.0.4:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.5cpe:2.3:a:phpbb_group:phpbb:2.0.5:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.6cpe:2.3:a:phpbb_group:phpbb:2.0.6:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.6ccpe:2.3:a:phpbb_group:phpbb:2.0.6c:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.6dcpe:2.3:a:phpbb_group:phpbb:2.0.6d:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.7cpe:2.3:a:phpbb_group:phpbb:2.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpbb_group	phpbb	2.0.0	cpe:2.3:a:phpbb_group:phpbb:2.0.0:::::::*
phpbb_group	phpbb	2.0.1	cpe:2.3:a:phpbb_group:phpbb:2.0.1:::::::*
phpbb_group	phpbb	2.0.2	cpe:2.3:a:phpbb_group:phpbb:2.0.2:::::::*
phpbb_group	phpbb	2.0.3	cpe:2.3:a:phpbb_group:phpbb:2.0.3:::::::*
phpbb_group	phpbb	2.0.4	cpe:2.3:a:phpbb_group:phpbb:2.0.4:::::::*
phpbb_group	phpbb	2.0.5	cpe:2.3:a:phpbb_group:phpbb:2.0.5:::::::*
phpbb_group	phpbb	2.0.6	cpe:2.3:a:phpbb_group:phpbb:2.0.6:::::::*
phpbb_group	phpbb	2.0.6c	cpe:2.3:a:phpbb_group:phpbb:2.0.6c:::::::*
phpbb_group	phpbb	2.0.6d	cpe:2.3:a:phpbb_group:phpbb:2.0.6d:::::::*
phpbb_group	phpbb	2.0.7	cpe:2.3:a:phpbb_group:phpbb:2.0.7:::::::*

Rows per page:

1-10 of 191

References

marc.info/?l=bugtraq&m=111343406309969&w=2

www.digitalparadox.org/advisories/phpbbp.txt

www.securityfocus.com/bid/13157

www.securityfocus.com/bid/13158

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

77.5%

JSON

Related for CVE-2005-1115