Detections
Analytics
PBLang Bulletin Board Multiple HTML Injection and XSS
medium Nessus Network Monitor Plugin ID 2643
Synopsis
The remote host is vulnerable to multiple attack vectors.Description
The remote host is running PBLang, a bulletin board system written in PHP. This version of PBLang is vulnerable to a remote Cross-Site Scripting (XSS) flaw. In addition, this version of PBLang is vulnerable to an HTML injection flaw within the pmpshow.php script. An attacker exploiting these flaws would be need to be able to convince a user to click on a malicious URL. Upon successful exploitation, the attacker would be able to steal credentials or execute code within the browser. A third flaw, which does not require user interaction, has been discovered with this version of PBLang. Specifically, files outside of the web root may be displayed to remote users. This sort of attack is known as a 'directory-traversal' attack, and would allow an attacker to craft a remote query such that the returned data would contain potentially confidential data (/etc/passwd file, HTTPD configuration files, and more.)Solution
Upgrade or patch according to vendor recommendations.See Also
http://archives.neohapsis.com/archives/bugtraq/2005-02/0406.html
http://archives.neohapsis.com/archives/bugtraq/2005-02/0407.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0015.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0019.html
Plugin Details
Severity: Medium
ID: 2643
Family: CGI
Published: 2/24/2005
Updated: 3/6/2019
Nessus ID: 17209
Risk Information
VPR
Risk Factor: Medium
Score: 4.5
CVSS v2
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 6.3
Temporal Score: 6.3
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X
Vulnerability Information
CPE: cpe:/a:pblang:pblang