CVE-2005-1832

Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mybulletinboard:mybulletinboard:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:58

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=111757191118050&w=2 - () http://marc.info/?l=bugtraq&m=111757191118050&w=2 -
References () http://secunia.com/advisories/15552 - Exploit, Patch, Vendor Advisory () http://secunia.com/advisories/15552 - Exploit, Patch, Vendor Advisory
References () http://www.mybboard.com/community/showthread.php?tid=2559 - Exploit, Patch, Vendor Advisory () http://www.mybboard.com/community/showthread.php?tid=2559 - Exploit, Patch, Vendor Advisory

Information

Published : 2005-05-31 04:00

Updated : 2024-11-20 23:58


NVD link : CVE-2005-1832

Mitre link : CVE-2005-1832

CVE.ORG link : CVE-2005-1832


JSON object : View

Products Affected

mybulletinboard

  • mybulletinboard