Lucene search

[email protected]CVE-2004-2288

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2004-2288

2022-10-0316:14:14

[email protected]

web.nvd.nist.gov

vulnerability

xss

jelsoft vbulletin

index.php

remote attackers

website spoofing

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter.

Affected configurations

NVD

Node

jelsoftvbulletinMatch1.0.1lite

jelsoftvbulletinMatch2.0.3

jelsoftvbulletinMatch2.0_rc2

jelsoftvbulletinMatch2.0_rc3

jelsoftvbulletinMatch2.2.0

jelsoftvbulletinMatch2.2.1

jelsoftvbulletinMatch2.2.2

jelsoftvbulletinMatch2.2.3

jelsoftvbulletinMatch2.2.4

jelsoftvbulletinMatch2.2.5

jelsoftvbulletinMatch2.2.6

jelsoftvbulletinMatch2.2.7

jelsoftvbulletinMatch2.2.8

jelsoftvbulletinMatch2.2.9

jelsoftvbulletinMatch2.3.0

jelsoftvbulletinMatch2.3.2

jelsoftvbulletinMatch2.3.3

jelsoftvbulletinMatch2.3.4

jelsoftvbulletinMatch3.0_beta_2

jelsoftvbulletinMatch3.0_beta_3

jelsoftvbulletinMatch3.0_beta_4

jelsoftvbulletinMatch3.0_beta_5

jelsoftvbulletinMatch3.0_beta_6

jelsoftvbulletinMatch3.0_beta_7

jelsoftvbulletinMatch3.0_gamma

CPENameOperatorVersion
jelsoft:vbulletinjelsoft vbulletineq1.0.1
jelsoft:vbulletinjelsoft vbulletineq2.0.3
jelsoft:vbulletinjelsoft vbulletineq2.0_rc2
jelsoft:vbulletinjelsoft vbulletineq2.0_rc3
jelsoft:vbulletinjelsoft vbulletineq2.2.0
jelsoft:vbulletinjelsoft vbulletineq2.2.1
jelsoft:vbulletinjelsoft vbulletineq2.2.2
jelsoft:vbulletinjelsoft vbulletineq2.2.3
jelsoft:vbulletinjelsoft vbulletineq2.2.4
jelsoft:vbulletinjelsoft vbulletineq2.2.5

CPE	Name	Operator	Version
jelsoft:vbulletin	jelsoft vbulletin	eq	1.0.1
jelsoft:vbulletin	jelsoft vbulletin	eq	2.0.3
jelsoft:vbulletin	jelsoft vbulletin	eq	2.0_rc2
jelsoft:vbulletin	jelsoft vbulletin	eq	2.0_rc3
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.0
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.1
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.2
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.3
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.4
jelsoft:vbulletin	jelsoft vbulletin	eq	2.2.5

Rows per page:

1-10 of 251

References

www.infosecurity.org.cn/article/hacker/exploit/16557.html

www.securityfocus.com/bid/10362

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

Related for CVE-2004-2288

cvelist1 nvd1