Vulnerabilities > CVE-2006-4080 - Cross-Site Scripting vulnerability in DeluxeBB
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote attackers to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |