Vulnerabilities > CVE-2005-2542 - Cross-Site Scripting vulnerability in Invision Power Board Attached File

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
invision-power-services
exploit available

Summary

Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML.

Exploit-Db

descriptionInvision Power Board 1.0.3 Attached File Cross-Site Scripting Vulnerability. CVE-2005-2542. Webapps exploit for php platform
idEDB-ID:26104
last seen2016-02-03
modified2005-08-08
published2005-08-08
reporterV[i]RuS
sourcehttps://www.exploit-db.com/download/26104/
titleInvision Power Board 1.0.3 Attached File Cross-Site Scripting Vulnerability