Lucene search

[email protected]CVE-2005-1811

HistoryJun 01, 2005 - 4:00 a.m.

CVE-2005-1811

2005-06-0104:00:00

[email protected]

web.nvd.nist.gov

mybulletinboard

mybb

usercp.php

xss

vulnerability

remote code injection

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via the website field in a user profile.

Affected configurations

NVD

Node

mybulletinboardmybulletinboardMatch1.0_rc4

CPENameOperatorVersion
mybulletinboard:mybulletinboardmybulletinboardeq1.0_rc4

CPE	Name	Operator	Version
mybulletinboard:mybulletinboard	mybulletinboard	eq	1.0_rc4

References

seclists.org/lists/bugtraq/2005/May/0338.html

secunia.com/advisories/15552

securitytracker.com/id?1014081

www.securityfocus.com/bid/13819

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Related for CVE-2005-1811

cvelist1 nvd1