Back to search
CVE-2004-2509
Published: Oct 25, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
12366
vdb-entry
x_refsource_OSVDB
11900
vdb-entry
x_refsource_BID
1012503
vdb-entry
x_refsource_SECTRACK
20041213 Multiple XSS Vulnerabilities in several UBB.Thread Versions
mailing-list
x_refsource_FULLDISC
12365
vdb-entry
x_refsource_OSVDB
12367
vdb-entry
x_refsource_OSVDB
13452
third-party-advisory
x_refsource_SECUNIA
ubbthreads-multiple-scripts-xss(18432)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now