1. CVE-Search
  2. CVE-2005-4642
ID CVE-2005-4642
Summary Multiple cross-site scripting (XSS) vulnerabilities in HydroBB 1.0.0 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) search.php, (2) members.php, (3) stats.php, (4) viewforum.php, (5) register.php, (6) usercp.php, (7) groups.php, (8) pms.php, and (9) calendar.php.
References
Vulnerable Configurations
  • cpe:2.3:a:hydrobb:hydrobb:1.0.0_beta_2:*:*:*:*:*:*:*
    cpe:2.3:a:hydrobb:hydrobb:1.0.0_beta_2:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
misc http://pridels0.blogspot.com/2005/11/xss-in-hydrobb.html
osvdb
  • 21293
  • 21294
  • 21295
  • 21296
  • 21297
  • 21298
  • 21299
  • 21300
  • 21301
vupen ADV-2005-2562
xf hydrobb-multiple-xss(23299)
Last major update 20-07-2017 - 01:29
Published 31-12-2005 - 05:00
Last modified 20-07-2017 - 01:29
Back to Top