CVE-2005-4333
Published 2005-12-17
Priority: P4 · 19 · medium · CVSS 2.0: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 1.78% (75.5th percentile)
Multiple cross-site scripting (XSS) vulnerabilities in Binary Board System (BBS) 0.2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) inreplyto, (2) article, and (3) board parameters to reply.pl, (4) branch, (5) board, and (6) stats.pl parameters to (b) stats.pl, and (7) board parameter to (c) toc.pl.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| binary-concepts | binary_board_system | <= 0.2.5 | — |
No detection rules found.
Exploit-DB
Binary Board System 0.2.5 - 'reply.pl' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2005-12-16
---
source: https://www.securityfocus.com/bid/15913/info
Binary Board System is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
This issue affects version 0.2.5; earlier versions may also be vulnerable.
http://www.example.com/reply.pl?board=1&article=81&inreplyto=[XSS]&[member]=yes
http://www.example.com/reply.pl?board=1&article=[XSS]&inreplyto=0&[memb
Exploit-DB
Binary Board System 0.2.5 - 'stats.pl' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2005-12-16
---
source: https://www.securityfocus.com/bid/15913/info
http://www.example.com/stats.pl?action=branchdetail&branch=[XSS]&view=posts&[member]=yes
http://www.example.com/stats.pl?action=boarddetail&board=[XSS]
Exploit-DB
Binary Board System 0.2.5 - 'toc.pl?board' Cross-Site Scripting
exploitdb·2005-12-16
---
source: https://www.securityfocus.com/bid/15913/info
http://www.example.com/toc.pl?board=[XSS]&[member]=yes
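Since no detection rule is indexed for this CVE, the following added example (not part of the advisory or of Binary Board System) shows one way to review web server access logs for markup arriving in the parameters named above. The combined log format, the function names and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Script -> query parameters this page names for CVE-2005-4333.
WATCHED = {
    "reply.pl": {"inreplyto", "article", "board"},
    "stats.pl": {"branch", "board"},
    "toc.pl": {"board"},
}
# Characters that let a reflected value leave HTML text or an attribute.
MARKUP = re.compile(r"[<>\"'`]")
# Request line inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode_fully(value, rounds=3):
    """Undo nested percent-encoding (e.g. %253C) so double-encoded markup is seen."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(log_line):
    """Return sorted (script, parameter) pairs whose value carries markup."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    script = url.path.rsplit("/", 1)[-1].lower()
    hits = set()
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        watched = name.lower() in WATCHED.get(script, ())
        if watched and MARKUP.search(decode_fully(value)):
            hits.add((script, name.lower()))
    return sorted(hits)

def flagged_lines(lines):
    """Indexes of log lines with at least one suspicious watched parameter."""
    return [i for i, line in enumerate(lines) if suspicious_params(line)]

# Constructed sample log lines (not taken from the page).
SAMPLE_LOG = [
    '198.51.100.7 - - [17/Dec/2005:10:00:01 +0000] "GET /reply.pl?board=1&article=81&inreplyto=0 HTTP/1.1" 200 5120',
    '198.51.100.8 - - [17/Dec/2005:10:00:02 +0000] "GET /toc.pl?board=%3Cb%3Ex%3C%2Fb%3E HTTP/1.1" 200 4096',
    '198.51.100.9 - - [17/Dec/2005:10:00:03 +0000] "GET /stats.pl?action=boarddetail&board=%253Ci%253E HTTP/1.1" 200 2048',
    '198.51.100.9 - - [17/Dec/2005:10:00:04 +0000] "GET /stats.pl?action=%3Cb%3E&board=2 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for idx in flagged_lines(SAMPLE_LOG):
        print(idx, suspicious_params(SAMPLE_LOG[idx]))
```

The last sample line is not flagged because `action` is not among the parameters this CVE names; widen `WATCHED` if the whole query string should be checked.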
No writeups or analysis indexed.
http://pridels0.blogspot.com/2005/12/binary-board-system-xss-vuln.html
http://www.osvdb.org/21893
http://www.osvdb.org/21894
http://www.osvdb.org/21895
http://www.securityfocus.com/bid/15913
Published: 2005-12-17