Vulnerabilities > CVE-2005-3544 - Unspecified vulnerability in XMB Forum XMB 1.9.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description XMB 1.9.3 U2U.PHP Cross-Site Scripting Vulnerability. CVE-2005-3544. Webapps exploit for php platform id EDB-ID:26477 last seen 2016-02-03 modified 2005-11-07 published 2005-11-07 reporter HACKERS PAL source https://www.exploit-db.com/download/26477/ title XMB 1.9.3 U2U.PHP Cross-Site Scripting Vulnerability description XMB Forum 1.8/1.9 u2u.php username Parameter XSS. CVE-2005-3544. Webapps exploit for php platform id EDB-ID:27206 last seen 2016-02-03 modified 2006-02-13 published 2006-02-13 reporter James Bercegay source https://www.exploit-db.com/download/27206/ title XMB Forum 1.8/1.9 u2u.php username Parameter XSS
Statements
| contributor | |
| lastmodified | 2008-12-11 |
| organization | XMB |
| statement | XMB versions 1.9.8 and later were checked and are not vulnerable. |
References
- http://secunia.com/advisories/17458
- http://www.securityfocus.com/bid/15342
- http://www.vupen.com/english/advisories/2005/2333
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22990
- http://www.securityfocus.com/archive/1/415800/30/0/threaded
- https://docs.xmbforum2.com/index.php?title=Security_Issue_History