| VID |
21679 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Ultimate PHP Board is vulnerable to multiple cross-site scripting vulnerabilities (1). Ultimate PHP Board (UPB) is a freely available, open source PHP Bulletin Board for the Unix, Linux, and Windows operating systems. Ultimate PHP Board version 1.9.6 and earlier versions are vulnerable to multiple cross-site scripting vulnerabilities, caused by improper validation of user-supplied input passed to the multiple parameters of the viewtopic.php, profile.php, newpost.php, email.php, icq.php, aol.php, getpass.php, login.php, and search.php scripts. These vulnerabilities could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.
* References:
http://www.myupb.com/forum/viewtopic.php?id=26&t_id=118
http://securityfocus.com/archive/1/402461
http://www.osvdb.org/displayvuln.php?osvdb_id=17362
http://www.osvdb.org/displayvuln.php?osvdb_id=17363
http://www.osvdb.org/displayvuln.php?osvdb_id=17364
http://www.osvdb.org/displayvuln.php?osvdb_id=17365
http://www.osvdb.org/displayvuln.php?osvdb_id=17366
http://www.osvdb.org/displayvuln.php?osvdb_id=17367
http://www.osvdb.org/displayvuln.php?osvdb_id=17368
http://www.osvdb.org/displayvuln.php?osvdb_id=17369
http://www.osvdb.org/displayvuln.php?osvdb_id=17370
http://www.osvdb.org/displayvuln.php?osvdb_id=17371
http://www.osvdb.org/displayvuln.php?osvdb_id=17372
http://www.osvdb.org/displayvuln.php?osvdb_id=17373
* Platforms Affected:
X-Crew, Ultimate PHP Board version 1.9.6 and earlier versions
Any operating system Any version |
| Recommendation |
Apply the patch, as listed in the MyUPB Security Advisory dated June 19, 2005 at http://www.myupb.com/forum/viewtopic.php?id=26&t_id=118 |
| Related URL |
CVE-2005-2004 (CVE) |
| Related URL |
13971 (SecurityFocus) |
| Related URL |
21035 (ISS) |
|
