S4E

CVE-2004-1965 Scanner

CVE-2004-1965 scanner - Open Redirect vulnerability in Open Bulletin Board (OpenBB)

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 3 days

Scan only one

URL

Toolbox

-

Open Bulletin Board (OpenBB) is an online forum software used for the purpose of facilitating discussions and information sharing among groups of individuals. With an easy-to-use interface, it allows users to create topics, post messages, and participate in discussions with other members of the forum. OpenBB has been widely adopted and used in various online communities.

However, OpenBB has been found to contain multiple cross-site scripting (XSS) vulnerabilities, such as CVE-2004-1965. This vulnerability allows remote attackers to inject arbitrary web script or HTML via various parameters, such as the redirect parameter to member.php, to parameter to myhome.php, TID parameter to post.php, or redirect parameter to index.php. This could lead to attackers exploiting this vulnerability to steal sensitive information or trick users into submitting personal data.

If this vulnerability is exploited, it can cause serious harm to system security, as attackers could take over the forum administration panel, delete or modify posts, or even delete the entire forum. The vulnerability can be further exploited to steal sensitive data such as user credentials, causing damage to users' online reputation. Thus, it is critical to take measures to prevent this vulnerability from being exploited.

S4E is a security platform that provides advanced tools to help businesses easily assess and identify vulnerabilities in their digital assets. With our advanced features, you can analyze web applications, network infrastructure, mobile applications, databases, operating systems, and more, to detect vulnerabilities and proactively mitigate risks. By signing up for our platform, you can keep your digital assets and sensitive data secure from malicious attackers.

 

REFERENCES

Get started to protecting your Free Full Security Scan