CVE-2005-2569
CVE-2005-2569
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
Affected products
n/a · n/apublic PoCs found — 6
exploitdbwww.exploit-db.com/exploits/26117unverifiedexploitdbwww.exploit-db.com/exploits/26119unverifiedexploitdbwww.exploit-db.com/exploits/26118unverifiedexploitdbwww.exploit-db.com/exploits/26121unverifiedexploitdbwww.exploit-db.com/exploits/26122unverifiedexploitdbwww.exploit-db.com/exploits/26120unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →