CVE-2004-1967
8.8
CVSS Score
High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Link copied!
Description
Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary code by including the code in an image tag or a link.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Software Configurations
- a openbb openbb 1.0.6 * * * * * * *
Weaknesses (CWE)
- CWE-352
References & External Links
- http://marc.info/?l=bugtraq&m=108301983206107&w=2
- http://secunia.com/advisories/11481
- http://securitytracker.com/id?1009935
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15967
- http://marc.info/?l=bugtraq&m=108301983206107&w=2
- http://secunia.com/advisories/11481
- http://securitytracker.com/id?1009935
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15967
External Resources
CVE History Timeline
May 26, 2005 16:54
Initial Analysis
Oct 18, 2016 03:03
CVE Modified
Jul 11, 2017 01:31
CVE Modified
Feb 08, 2024 20:46
Modified Analysis
May 14, 2024 01:27
CVE Modified
Nov 20, 2024 23:52
CVE Modified