Vulnerabilities > CVE-2005-0885 - Unspecified vulnerability in XMB Forum XMB 1.9.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

xmb-forum

nessus

NVD

Published: 2005-05-02

Updated: 2021-04-29

Summary

Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields.

Vulnerable Configurations

Part	Description	Count
Application	Xmb_Forum XMB Forum XMB 1.9.1	1

Nessus

NASL family	CGI abuses
NASL id	XMB_MULTIPLE_XSS.NASL
description	The remote host is running XMB Forum, a web forum written in PHP. According to its banner, the version of XMB installed on the remote host suffers from cross-site scripting, SQL injection, and input validation vulnerabilities.
last seen	2020-06-01
modified	2020-06-02
plugin id	17608
published	2005-03-24
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17608
title	XMB Forum < 1.9.10 Multiple Vulnerabilities

Statements

contributor
lastmodified	2008-12-11
organization	XMB
statement	XMB versions 1.9.8 and later were checked and are not vulnerable.

Summary

Vulnerable Configurations

Nessus

Statements

References