Vulnerabilities > CVE-2005-2588 - Cross-Site Scripting vulnerability in Dvbbs 7.1/7.1Sp2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
dvbbs
exploit available
NVD
Published: 2005-08-17
Updated: 2008-09-05

Summary

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.

Vulnerable Configurations

Part Description Count
Application
Dvbbs
2

Exploit-Db

  • descriptionDvbbs 7.1/8.2 boardhelp.asp Multiple Parameter XSS. CVE-2005-2588. Webapps exploit for asp platform
    idEDB-ID:26109
    last seen2016-02-03
    modified2005-08-08
    published2005-08-08
    reporterLostmon
    sourcehttps://www.exploit-db.com/download/26109/
    titleDvbbs 7.1/8.2 boardhelp.asp Multiple Parameter XSS
  • descriptionDvbbs 7.1/8.2 dispuser.asp name Parameter XSS. CVE-2005-2588. Webapps exploit for asp platform
    idEDB-ID:26108
    last seen2016-02-03
    modified2005-08-08
    published2005-08-08
    reporterLostmon
    sourcehttps://www.exploit-db.com/download/26108/
    titleDvbbs 7.1/8.2 dispuser.asp name Parameter XSS

References