The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to execute arbitrary script by uploading files that include scripting code such as Javascript.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=108301983206107&w=2 | |
http://secunia.com/advisories/11481 | Vendor Advisory |
http://securitytracker.com/id?1009935 | Vendor Advisory |
http://www.securityfocus.com/bid/10218 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15971 | |
http://marc.info/?l=bugtraq&m=108301983206107&w=2 | |
http://secunia.com/advisories/11481 | Vendor Advisory |
http://securitytracker.com/id?1009935 | Vendor Advisory |
http://www.securityfocus.com/bid/10218 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15971 |
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=108301983206107&w=2 - | |
References | () http://secunia.com/advisories/11481 - Vendor Advisory | |
References | () http://securitytracker.com/id?1009935 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/10218 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/15971 - |
Information
Published : 2004-04-25 04:00
Updated : 2024-11-20 23:52
NVD link : CVE-2004-1969
Mitre link : CVE-2004-1969
CVE.ORG link : CVE-2004-1969
JSON object : View
Products Affected
openbb
- openbb
CWE