CVE-2004-1969 Information

Description

The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to execute arbitrary script by uploading files that include scripting code such as Javascript.

Reference

http://marc.info/?l=bugtraq&m=108301983206107&w=2 http://secunia.com/advisories/11481 http://securitytracker.com/id?1009935 http://www.securityfocus.com/bid/10218 https://exchange.xforce.ibmcloud.com/vulnerabilities/15971