Lucene search
MitreCVELIST:CVE-2004-0322HistoryMar 18, 2004 - 5:00 a.m.
CVE-2004-0322
2004-03-1805:00:00
mitre
www.cve.org
1
Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to execute arbitrary script as other users via the (1) member parameter in member.php, (2) uid parameter in u2uadmin.php, (3) user parameter in editprofile.php, (4) an onmouseover event in an align tag when bbcode is allowed, or (5) img tag where bbcode is allowed.
References
archives.neohapsis.com/archives/bugtraq/2004-02/0645.html
marc.info/?l=bugtraq&m=107756526625179&w=2
www.securityfocus.com/bid/9726
www.xmbforum.com/community/boards/viewthread.php?tid=746859
docs.xmbforum2.com/index.php?title=Security_Issue_History
exchange.xforce.ibmcloud.com/vulnerabilities/15292
exchange.xforce.ibmcloud.com/vulnerabilities/15294
Related
exploitdb
exploitdb
XMB Forum 1.8 - 'editprofile.php?user' Cross-Site Scripting
2004-02-23 00:00:00
XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting
2004-02-23 00:00:00
XMB Forum 1.8 - 'u2uadmin.php?uid' Cross-Site Scripting
2004-02-23 00:00:00
nvd
nvd
CVE-2004-0322
2004-02-23 05:00:00
cve
cve
CVE-2004-0322
2004-03-18 05:00:00