Cross-Site Scripting Vulnerability in Photo Album for phpBB
CVE-2005-1115

Currently unrated

Key Information:

Vendor: PHPbb Group
Status: PHPbb; Photo Album
Vendor: CVE Published:; 2 May 2005

🔔 Create PHPbb Group Vulnerability Alert

What is CVE-2005-1115?

The Photo Album module version 2.0.53 for phpBB contains multiple cross-site scripting (XSS) vulnerabilities that enable remote attackers to inject arbitrary web scripts or HTML. The vulnerabilities are exploited through the 'bsid' parameter in the 'album_cat.php' and 'album_comment.php' files, potentially compromising the security of affected applications and their users.

References

http://www.securityfocus.com/bid/13157

vdb-entryx_refsource_BID

http://www.digitalparadox.org/advisories/phpbbp.txt

x_refsource_MISC

http://marc.info/?l=bugtraq&m=111343406309969&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 16, 2005

CVE-2005-1115 Data

JSON