Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-2004
HistoryJun 17, 2005 - 4:00 a.m.

CVE-2005-2004

2005-06-1704:00:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
25
cve-2005-2004
cross-site scripting
ultimate php board
remote attackers
web script injection
html injection
nvd

6.2 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.7%

JSON

Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ref parameter to login.php, (2) id or (3) page parameter to viewtopic.php, id parameter to (4) profile.php, (5) newpost.php, (6) email.php, (7) icq.php, or (8) aol.php, (9) t_id parameter to newpost.php, (10) ref parameter to getpass.php, or (11) sText parameter to search.php.

Related

nessus 1
openvas 1
nessus
nessus
Ultimate PHP Board 1.9.6 GOLD Multiple Scripts XSS (2)
2005-08-24 00:00:00
openvas
openvas
Ultimate PHP Board multiple XSS flaws
2006-03-26 00:00:00

6.2 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.7%

JSON
Related for CVE-2005-2004
nessus1openvas1