CVE-2005-2564 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-2564

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file.

Affected Software

Name	Vendor	Start Version	End Version
Gravity_board_x	Gravity_board_x_development_team	1.1 (including)	1.1 (including)

References

http://marc.info/?l=bugtraq\u0026m=112351740803443\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/21742
http://marc.info/?l=bugtraq\u0026m=112351740803443\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/21742