CVE Vulnerabilities

CVE-2005-4311

Published: Dec 17, 2005 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters.

Affected Software

Name Vendor Start Version End Version
Dcforum+ Dcscripts 1.002 1.002
Dcforum Dcscripts 6.21 6.21
Dcforum+ Dcscripts 1.1 1.1
Dcforum Dcscripts 2k_1.1 2k_1.1
Dcforum Dcscripts 6.2 6.2
Dcforum+ Dcscripts 1.0 1.0
Dcforum+ Dcscripts 1.003 1.003
Dcforum Dcscripts 5.11 5.11
Dcforum Dcscripts 6.0 6.0
Dcforum+ Dcscripts 1.2 1.2
Dcforum Dcscripts 6.23 6.23
Dcforum Dcscripts 2000_1.1 2000_1.1
Dcforum Dcscripts 6.25 6.25
Dcforum Dcscripts 6.1 6.1
Dcforum Dcscripts 6.22 6.22
Dcforum+ Dcscripts 1.001 1.001

References