CVE-2005-2836

Опубликовано: 07 сент. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to register.php or (2) a signature of a logged-in user in "My Control Center," which is not properly handled by control.php.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0018.html
Exploit
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0048.html
Vendor Advisory
http://secunia.com/advisories/16667
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0018.html
Exploit
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0048.html
Vendor Advisory
http://secunia.com/advisories/16667
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:phorum:phorum:3.1:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.1.1_pre:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.1.1_rc2:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.1.1a:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.3:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.3a:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.3b:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.5:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.6:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.7:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.2.8:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.3.1:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.3.1a:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.3.2a:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.3.2b3:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.1:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.2:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.3:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.4:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.5:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.6:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.7:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:3.4.8:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:4.3.7:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.3_beta:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.7_beta:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.14:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.14a:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.15:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.16:*:*:*:*:*:*:*

cpe:2.3:a:phorum:phorum:5.0.17:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.0043

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9mwm-h97x-9m6f

github

почти 4 года назад