Vulnerabilities > CVE-2002-0590 - Unspecified vulnerability in Icredibb 1.1Beta

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

icredibb

exploit available

NVD

Published: 2002-06-18

Updated: 2008-09-05

Summary

Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.

Vulnerable Configurations

Part	Description	Count
Application	Icredibb Icredibb Icredibb 1.1_Beta	1

Exploit-Db

description	IcrediBB 1.1 Script Injection Vulnerability. CVE-2002-0590. Webapps exploit for php platform
id	EDB-ID:21399
last seen	2016-02-02
modified	2002-04-19
published	2002-04-19
reporter	Daniel NystrÃ¶m
source	https://www.exploit-db.com/download/21399/
title	IcrediBB 1.1 Script Injection Vulnerability

References

http://archives.neohapsis.com/archives/bugtraq/2002-04/0263.html
http://www.iss.net/security_center/static/8879.php
http://www.securityfocus.com/bid/4548