CVE-2005-3264 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-3264

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter.

Affected Software

Name	Vendor	Start Version	End Version
Zeroblog	Zeroblog	1.1f (including)	1.1f (including)
Zeroblog	Zeroblog	1.2a (including)	1.2a (including)

References

http://irannetjob.com/content/view/141/28/
http://marc.info/?l=bugtraq\u0026m=112907042504220\u0026w=2
http://secunia.com/advisories/17175/
http://www.securityfocus.com/bid/15078