CVE-2005-2588

Dvbbs - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.

Exploits (3)

exploitdb WRITEUP VERIFIED

by Lostmon · textwebappsasp

https://www.exploit-db.com/exploits/26108

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Lostmon · textwebappsasp

https://www.exploit-db.com/exploits/26107

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Lostmon · textwebappsasp

https://www.exploit-db.com/exploits/26109

View Code ZIP pw:eip

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14498

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/18512

Exploit vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014632

Exploit, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16131

Exploit, Vendor Advisory x_refsource_misc

http://lostmon.blogspot.com/2005/08/dvbbs-multiple-variable-cross-site.html

Scores

EPSS 0.0171

EPSS Percentile 82.4%

Details

Status published

Products (2)

dvbbs/dvbbs 7.1

dvbbs/dvbbs 7.1_sp2

Published Aug 17, 2005

Tracked Since Feb 18, 2026