Vulnerabilities > CVE-2006-0877 - HTML Injection vulnerability in Easy Forum Easy Forum 2.5

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
easy-forum
exploit available

Summary

Cross-site scripting vulnerability in Easy Forum 2.5 allows remote attackers to inject arbitrary web script or HTML via the image variable.

Vulnerable Configurations

Part Description Count
Application
Easy_Forum
1

Exploit-Db

descriptionEasy Forum 2.5 New User Image File HTML Injection Vulnerability. CVE-2006-0877. Webapps exploit for php platform
idEDB-ID:27354
last seen2016-02-03
modified2006-03-04
published2006-03-04
reporterAliaksandr Hartsuyeu
sourcehttps://www.exploit-db.com/download/27354/
titleEasy Forum 2.5 New User Image File HTML Injection Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/44414/EV0085.txt
idPACKETSTORM:44414
last seen2016-12-05
published2006-03-08
reporterAliaksandr Hartsuyeu
sourcehttps://packetstormsecurity.com/files/44414/EV0085.txt.html
titleEV0085.txt