CVE Vulnerabilities

CVE-2004-1967

Published: Apr 25, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary code by including the code in an image tag or a link.

Affected Software

Name Vendor Start Version End Version
Openbb Openbb 1.0.0_beta1 1.0.0_beta1
Openbb Openbb 1.0.0_rc1 1.0.0_rc1
Openbb Openbb 1.0.0_rc2 1.0.0_rc2
Openbb Openbb 1.0.0_rc3 1.0.0_rc3
Openbb Openbb 1.0.5 1.0.5
Openbb Openbb 1.0.6 1.0.6

References