CVE-2005-3547 Information
Description
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) adsess (2) name and (3) description parameters in admin.php and the (4) ACP Notes (5) Member Name (6) Password (7) Email Address (8) Components and multiple other input fields.
Reference
http://benji.redkod.org/audits/ipb.2.1.pdf http://osvdb.org/20516 http://osvdb.org/20517 http://osvdb.org/20518 http://osvdb.org/20519 http://osvdb.org/20520 http://osvdb.org/20521 http://osvdb.org/20522 http://secunia.com/advisories/17443 http://www.securityfocus.com/archive/1/415801/30/0/threaded http://www.securityfocus.com/bid/15344 http://www.securityfocus.com/bid/15345 https://exchange.xforce.ibmcloud.com/vulnerabilities/22999
Share on: