Vulnerabilities > CVE-2004-1965 - Input Validation vulnerability in OpenBB

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
openbb
exploit available
NVD
Published: 2004-04-25
Updated: 2017-07-11

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.

Vulnerable Configurations

Part Description Count
Application
Openbb
7

Exploit-Db

  • descriptionOpenBB 1.0.x post.php TID Parameter XSS. CVE-2004-1965. Webapps exploit for php platform
    idEDB-ID:24054
    last seen2016-02-02
    modified2004-04-26
    published2004-04-26
    reporterJeiAr
    sourcehttps://www.exploit-db.com/download/24054/
    titleOpenBB 1.0.x post.php TID Parameter XSS
  • descriptionOpenBB < 1.0.6 - Multiple Vulnerabilities. CVE-2004-1965. Webapps exploit for PHP platform
    idEDB-ID:43811
    last seen2018-01-24
    modified2004-04-24
    published2004-04-24
    reporterExploit-DB
    sourcehttps://www.exploit-db.com/download/43811/
    titleOpenBB < 1.0.6 - Multiple Vulnerabilities
  • descriptionOpenBB 1.0.x member.php redirect Parameter XSS. CVE-2004-1965. Webapps exploit for php platform
    idEDB-ID:24052
    last seen2016-02-02
    modified2004-04-26
    published2004-04-26
    reporterJeiAr
    sourcehttps://www.exploit-db.com/download/24052/
    titleOpenBB 1.0.x member.php redirect Parameter XSS
  • descriptionOpenBB 1.0.x index.php redirect Parameter XSS. CVE-2004-1965. Webapps exploit for php platform
    idEDB-ID:24055
    last seen2016-02-02
    modified2004-04-26
    published2004-04-26
    reporterJeiAr
    sourcehttps://www.exploit-db.com/download/24055/
    titleOpenBB 1.0.x index.php redirect Parameter XSS
  • descriptionOpenBB 1.0.x myhome.php to Parameter XSS. CVE-2004-1965. Webapps exploit for php platform
    idEDB-ID:24053
    last seen2016-02-02
    modified2004-04-26
    published2004-04-26
    reporterJeiAr
    sourcehttps://www.exploit-db.com/download/24053/
    titleOpenBB 1.0.x myhome.php to Parameter XSS

References