CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2564

Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.031

EPSS Ranking 86.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112351740803443&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/21742
http://marc.info/?l=bugtraq&m=112351740803443&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/21742

Products affected by CVE-2005-2564

Gravity Board X Development Team » Gravity Board X » Version: 1.1

cpe:2.3:a:gravity_board_x_development_team:gravity_board_x:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2564

Products

Pricing

Contact Us