PT-2005-4659 · Pblang · Pblang
R0Xes
·
Published
2005-11-30
·
Updated
2008-09-05
·
CVE-2005-3919
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
PBLang version 4.65
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via multiple fields in (1) "UCP.php" and (2) "SendPm.php".
Recommendations
For PBLang version 4.65, consider disabling access to the "UCP.php" and "SendPm.php" files until a patch is available to prevent exploitation of the XSS issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Pblang