CVE-2005-2564 Information

Feb 14, 2021 cve

Description

Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code HTML and script via the csscontent parameter which is directly inserted into the gbxfinal.css file.

Reference

http://marc.info/?l=bugtraq&m=112351740803443&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/21742

Share on: