Lucene search

[email protected]CVE-2005-2588

HistoryAug 17, 2005 - 4:00 a.m.

CVE-2005-2588

2005-08-1704:00:00

[email protected]

web.nvd.nist.gov

vulnerability

xss

dvbbs 7.1

remote attackers

web script

html

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

78.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.

Affected configurations

NVD

Node

dvbbsdvbbsMatch7.1

dvbbsdvbbsMatch7.1_sp2

VendorProductVersionCPE
dvbbsdvbbs7.1+sp2cpe:/a:dvbbs:dvbbs:7.1+sp2:::
dvbbsdvbbs7.1cpe:/a:dvbbs:dvbbs:7.1:::

Vendor	Product	Version	CPE
dvbbs	dvbbs	7.1+sp2	cpe:/a:dvbbs:dvbbs:7.1+sp2:::
dvbbs	dvbbs	7.1	cpe:/a:dvbbs:dvbbs:7.1:::

References

lostmon.blogspot.com/2005/08/dvbbs-multiple-variable-cross-site.html

secunia.com/advisories/16131

securitytracker.com/id?1014632

www.osvdb.org/18512

www.securityfocus.com/bid/14498

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

78.0%

JSON

Related for CVE-2005-2588

cvelist1 nvd1