CVE-2005-2588 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp (2) name parameter to dispuser.asp or the (3) title (4) view or (5) act parameter to boardhelp.asp.

Reference

http://lostmon.blogspot.com/2005/08/dvbbs-multiple-variable-cross-site.html http://secunia.com/advisories/16131 http://securitytracker.com/id?1014632 http://www.osvdb.org/18512 http://www.securityfocus.com/bid/14498