CVE-2004-1863 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php the restrict parameter in (2) member.php (3) misc.php and (4) today.php and (5) an arbitrary parameter in phpinfo.php.

Reference

http://marc.info/?l=bugtraq&m=108032355905265&w=2 http://www.osvdb.org/14982 http://www.osvdb.org/14989 http://www.osvdb.org/14991 http://www.osvdb.org/16884 http://www.securityfocus.com/bid/9983 https://exchange.xforce.ibmcloud.com/vulnerabilities/15654

Share on: