Lucene search

MitreCVE-2004-1823

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1823

2005-05-1004:00:00

mitre

web.nvd.nist.gov

cve-2004-1823

cross-site scripting

xss

jelsoft vbulletin

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.017

Percentile

88.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php.

Affected configurations

Nvd

Node

jelsoftvbulletinMatch3.0.0

jelsoftvbulletinMatch3.0.0_can4

VendorProductVersionCPE
jelsoftvbulletin3.0.0cpe:2.3:a:jelsoft:vbulletin:3.0.0:*:*:*:*:*:*:*
jelsoftvbulletin3.0.0_can4cpe:2.3:a:jelsoft:vbulletin:3.0.0_can4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jelsoft	vbulletin	3.0.0	cpe:2.3:a:jelsoft:vbulletin:3.0.0:::::::*
jelsoft	vbulletin	3.0.0_can4	cpe:2.3:a:jelsoft:vbulletin:3.0.0_can4:::::::*

References

marc.info/?l=bugtraq&m=107945556112453&w=2

secunia.com/advisories/11142

securitytracker.com/id?1009440

www.osvdb.org/4310

www.osvdb.org/4311

www.securityfocus.com/bid/9888

www.securityfocus.com/bid/9889

exchange.xforce.ibmcloud.com/vulnerabilities/15495

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.017

Percentile

88.0%

JSON

Related for CVE-2004-1823