CVE-2002-0118

Published Mar 25, 2002

Last updated 16 years ago

Overview

Description: Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:5.4.7e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E79188C3-8C18-4B27-865E-A3D315209CAB"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:5.43:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "109D6BE8-39AD-43A7-B620-DEAA989D809E"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D01C4960-1118-4501-9492-182F6C15B553"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEC46938-E4B4-4688-B7C3-230B3B438770"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "318B4B73-7B80-4D27-AE8E-EB56929FD151"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAC93AEF-9811-4F44-A5B3-738EAA0C69EA"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.0.4f:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBDBDDE6-395D-4F7B-975A-450231987BBF"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.0beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E54B2EE8-52CD-48F9-AEB7-6D212A0E2472"
          },
          {
            "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:6.2.0_beta_release_1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14D70B09-9A69-4A4B-9301-650CEA0A4E1D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References