Vulnerabilities > CVE-2005-0885 - Unspecified vulnerability in XMB Forum XMB 1.9.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
xmb-forum
nessus
NVD
Published: 2005-05-02
Updated: 2021-04-29

Summary

Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields.

Vulnerable Configurations

Part Description Count
Application
Xmb_Forum
1

Nessus

NASL familyCGI abuses
NASL idXMB_MULTIPLE_XSS.NASL
descriptionThe remote host is running XMB Forum, a web forum written in PHP. According to its banner, the version of XMB installed on the remote host suffers from cross-site scripting, SQL injection, and input validation vulnerabilities.
last seen2020-06-01
modified2020-06-02
plugin id17608
published2005-03-24
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/17608
titleXMB Forum < 1.9.10 Multiple Vulnerabilities

Statements

contributor
lastmodified2008-12-11
organizationXMB
statementXMB versions 1.9.8 and later were checked and are not vulnerable.

References