CVE-2005-3689

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions XMB version 1.9.2

Description The issue allows remote attackers to obtain the installation path. This is achieved by providing an invalid fid parameter in a newthread action to the post.php file.

Recommendations For XMB version 1.9.2, consider restricting access to the post.php file or validating the fid parameter to prevent exploitation. As a temporary workaround, avoid using the newthread action with unvalidated input until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3689

Affected Products

Xmb

CVE-2005-3689

Related Identifiers

Affected Products

References · 7