CVE-2005-3689

Severity Score

5.0

*CVSS v2

*EPSS

*CPE

*Multiple Sources

*KEV

*SSVC

post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

URL	Tag	Source
http://www.securityfocus.com/archive/1/417078/30/0/threaded	Mailing List
http://www.securityfocus.com/bid/15489	Vdb Entry
http://www.vupen.com/english/advisories/2005/2488	Vdb Entry
https://docs.xmbforum2.com/index.php?title=Security_Issue_History	X_refsource_misc

URL	Date	SRC
http://irannetjob.com/content/view/163/28	2024-08-07

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/17642	2024-02-14

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Xmb Forum Search vendor "Xmb Forum"		Xmb Search vendor "Xmb Forum" for product "Xmb"				1.9.2 Search vendor "Xmb Forum" for product "Xmb" and version "1.9.2"		-		Affected
Xmb Forum Search vendor "Xmb Forum"		Xmb Search vendor "Xmb Forum" for product "Xmb"				1.9.3 Search vendor "Xmb Forum" for product "Xmb" and version "1.9.3"		-		Affected