Published: 03/07/2002 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Cross-site scripting vulnerabilities in PostBoard 2.0.1 and previous versions allows remote malicious users to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.

Vulnerable Product	Search on Vulmon	Subscribe to Product
postboard postboard 2.0
postboard postboard 2.0.1
postnuke software foundation postnuke 0.64
postnuke software foundation postnuke 0.71
postnuke software foundation postnuke 0.70
postnuke software foundation postnuke 0.703

source: wwwsecurityfocuscom/bid/4559/info PostBoard is a freely available, open source message board module for the PostNuke content management system It is designed for use on the Unix and Linux operating systems PostBoard does not sanitize code submitted to site between IMG tags Due to this, a malicious user may be able to submit a ...

source: wwwsecurityfocuscom/bid/4561/info PostBoard is a freely available, open source message board module for the PostNuke content management system It is designed for use on the Unix and Linux operating systems PostBoard does not adequately sanitize input by board users Because of this, it is possible for users of the board to inse ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/267936 http://www.securityfocus.com/bid/4559 http://www.iss.net/security_center/static/8881.php http://www.securityfocus.com/bid/4561 https://exchange.xforce.ibmcloud.com/vulnerabilities/8884 https://nvd.nist.gov https://www.exploit-db.com/exploits/21401/

CVE-2002-0535

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect