Lucene search
HistoryJul 19, 2004 - 4:00 a.m.
CVE-2004-2055
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.6%
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.
Affected configurations
Node
phpbb_groupphpbbMatch2.0.0
ORphpbb_groupphpbbMatch2.0.1
ORphpbb_groupphpbbMatch2.0.2
ORphpbb_groupphpbbMatch2.0.3
ORphpbb_groupphpbbMatch2.0.4
ORphpbb_groupphpbbMatch2.0.5
ORphpbb_groupphpbbMatch2.0.6
ORphpbb_groupphpbbMatch2.0.6c
ORphpbb_groupphpbbMatch2.0.6d
ORphpbb_groupphpbbMatch2.0.7
ORphpbb_groupphpbbMatch2.0.7a
ORphpbb_groupphpbbMatch2.0.8
ORphpbb_groupphpbbMatch2.0.8a
ORphpbb_groupphpbbMatch2.0.9
ORphpbb_groupphpbbMatch2.0_beta1
ORphpbb_groupphpbbMatch2.0_rc1
ORphpbb_groupphpbbMatch2.0_rc2
ORphpbb_groupphpbbMatch2.0_rc3
ORphpbb_groupphpbbMatch2.0_rc4
Related
cve
cve
CVE-2004-2055
2005-05-10 04:00:00
cvelist
cvelist
CVE-2004-2055
2005-05-10 04:00:00
openvas
openvas
phpBB < 2.0.10
2005-11-03 00:00:00
phpBB < 2.0.10 Multiple Vulnerabilities
2005-11-03 00:00:00
nessus
nessus
phpBB < 2.0.10 Multiple XSS
2004-07-26 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.6%
Related for NVD:CVE-2004-2055