4.3
CVE-2005-4078
- EPSS 1.67%
- Veröffentlicht 08.12.2005 01:03:00
- Zuletzt bearbeitet 16.06.2026 22:18:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in Ideal BB.NET 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) forumID, (2) boardID, and (3) topicRepeater1-p parameters in topics.aspx, (4) boardID parameter in categoryindex.aspx, (5) postID parameter in posts.aspx, (6) catID parameter in forums.aspx, and (7) memberID parameter in member.aspx.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ideal Science ≫ Ideal Bb.Net Version <= 1.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.67% | 0.738 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2005/12/ideal-bbnet-13-xss-vuln.html
http://secunia.com/advisories/17906
http://www.osvdb.org/21511
http://www.osvdb.org/21512
http://www.osvdb.org/21513
http://www.osvdb.org/21514
http://www.osvdb.org/21515
http://www.vupen.com/english/advisories/2005/2757
https://exchange.xforce.ibmcloud.com/vulnerabilities/23471