Published: 29/05/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote malicious users to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
neocrome land down under 700.01
neocrome land down under 700.02
neocrome land down under 601
neocrome land down under 602
neocrome land down under

source: wwwsecurityfocuscom/bid/10435/info Land Down Under is prone to an HTML injection vulnerability This issue is exposed through their BBCode implementation Exploitation could permit theft of cookie credentials, manipulation of content, or other attacks [img]javascript:alert(documentcookie);[/img] ...

NVD-CWE-Other http://ldu.neocrome.net/page.php?id=1357 http://www.osvdb.org/6508 http://www.osvdb.org/6510 http://www.osvdb.org/6511 http://secunia.com/advisories/11739 http://www.securityfocus.com/bid/10435 http://securitytracker.com/alerts/2004/May/1010335.html http://marc.info/?l=bugtraq&m=108585789220174&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16284 https://nvd.nist.gov https://www.exploit-db.com/exploits/24152/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2038

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect