CVE-2004-1809

2005-05-1004:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

74.7%

JSON

Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php.

References

marc.info/?l=bugtraq&m=107920498205324&w=2

secunia.com/advisories/11121

www.osvdb.org/4257

www.osvdb.org/4259

www.phpbb.com/support/documents.php?mode=changelog#206

www.securityfocus.com/bid/9865

www.securityfocus.com/bid/9866

exchange.xforce.ibmcloud.com/vulnerabilities/15464