Vulnerabilities > CVE-2005-2441 - Cross-Site Scripting vulnerability in VBZooM Forum
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the (1) UserName parameter to profile.php or (2) UserID parameter to login.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description VBZoom 1.0/1.11 profile.php UserName Parameter XSS. CVE-2005-2441. Webapps exploit for php platform id EDB-ID:26049 last seen 2016-02-03 modified 2005-07-29 published 2005-07-29 reporter almaster source https://www.exploit-db.com/download/26049/ title VBZoom 1.0/1.11 profile.php UserName Parameter XSS description VBZoom 1.0/1.11 login.php UserID Parameter XSS. CVE-2005-2441 . Webapps exploit for php platform id EDB-ID:26050 last seen 2016-02-03 modified 2005-07-29 published 2005-07-29 reporter almaster source https://www.exploit-db.com/download/26050/ title VBZoom 1.0/1.11 login.php UserID Parameter XSS
References
- http://marc.info/?l=bugtraq&m=112300586019568&w=2
- http://secunia.com/advisories/16220
- http://securitytracker.com/id?1014614
- http://www.osvdb.org/18662
- http://www.osvdb.org/18663
- http://www.securityfocus.com/archive/1/426874/100/0/threaded
- http://www.securityfocus.com/bid/14423
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21680