CVE-2003-0483
XMB Forum 1.8 - 'buddy.php?action' Cross-Site Scripting
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php.
Vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en XMB Forum 1.8 Partagium permite a atacantes remotos insertar script arbitrario mediante
el parĂ¡metro member en member.php, o
el parĂ¡metro action en buddy.php
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-06-23 First Exploit
- 2003-06-27 CVE Reserved
- 2003-06-28 CVE Published
- 2024-08-08 CVE Updated
- 2024-11-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=105638720409307&w=2 | Mailing List | |
| https://docs.xmbforum2.com/index.php?title=Security_Issue_History | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/22821 | 2003-06-23 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|