CVE Vulnerabilities

CVE-2004-2038

Published: May 29, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.

Affected Software

Name Vendor Start Version End Version
Land_down_under Neocrome 601 601
Land_down_under Neocrome 602 602
Land_down_under Neocrome 700.01 700.01
Land_down_under Neocrome 700.02 700.02
Land_down_under Neocrome * 700.03

References