Vulnerability Details : CVE-2005-3689
Potential exploit
post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.
Products affected by CVE-2005-3689
- cpe:2.3:a:xmb_forum:xmb:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:xmb_forum:xmb:1.9.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3689
1.00%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-3689
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
Vendor statements for CVE-2005-3689
-
XMB 2021-04-23XMB versions 1.9.8 SP2 and later were checked and are not vulnerable. Upgrades are available at https://www.xmbforum2.com/
References for CVE-2005-3689
-
http://www.securityfocus.com/archive/1/417078/30/0/threaded
-
http://www.securityfocus.com/bid/15489
-
http://irannetjob.com/content/view/163/28/
Exploit;Vendor Advisory
-
https://docs.xmbforum2.com/index.php?title=Security_Issue_History
Security Issue History - XMBdocs
-
http://www.vupen.com/english/advisories/2005/2488
Jump to