Vulnerability Details CVE-2005-0629
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.071
EPSS Ranking 91.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://marc.info/?l=bugtraq&m=110970474726113&w=2
- http://marc.info/?l=bugtraq&m=110970911514167&w=2
- http://secunia.com/advisories/14434
- http://securitytracker.com/id?1013337
- http://www.securityfocus.com/bid/12693
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19546
- http://marc.info/?l=bugtraq&m=110970474726113&w=2
- http://marc.info/?l=bugtraq&m=110970911514167&w=2
- http://secunia.com/advisories/14434
- http://securitytracker.com/id?1013337
- http://www.securityfocus.com/bid/12693
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19546
Products affected by CVE-2005-0629
-
cpe:2.3:a:427bb:fourtwosevenbb:2.0
-
cpe:2.3:a:427bb:fourtwosevenbb:2.0.1
-
cpe:2.3:a:427bb:fourtwosevenbb:2.1
-
cpe:2.3:a:427bb:fourtwosevenbb:2.1.1
-
cpe:2.3:a:427bb:fourtwosevenbb:2.1.2
-
cpe:2.3:a:427bb:fourtwosevenbb:2.1.3
-
cpe:2.3:a:427bb:fourtwosevenbb:2.2
-
cpe:2.3:a:427bb:fourtwosevenbb:2.2.1