Vulnerabilities > CVE-2004-0319 - HTML Injection vulnerability in Ezboard 7.3U

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
ezboard
exploit available

Summary

Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument.

Vulnerable Configurations

Part Description Count
Application
Ezboard
1

Exploit-Db

descriptionEZBoard 7.3 Font Tag HTML Injection Vulnerability. CVE-2004-0319. Webapps exploit for php platform
idEDB-ID:23744
last seen2016-02-02
modified2004-02-23
published2004-02-23
reporterCheng Peng Su
sourcehttps://www.exploit-db.com/download/23744/
titleEZBoard 7.3 Font Tag HTML Injection Vulnerability