CVE-2005-4311
Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters.
| Software | From | Fixed in |
|---|---|---|
| dcscripts / dcforum+ | 1.002 | 1.002.x |
| dcscripts / dcforum | 6.21 | 6.21.x |
| dcscripts / dcforum+ | 1.1 | 1.1.x |
| dcscripts / dcforum | 2k_1.1 | 2k_1.1.x |
| dcscripts / dcforum | 6.2 | 6.2.x |
| dcscripts / dcforum+ | 1.0 | 1.0.x |
| dcscripts / dcforum+ | 1.003 | 1.003.x |
| dcscripts / dcforum | 5.11 | 5.11.x |
| dcscripts / dcforum | 6.0 | 6.0.x |
| dcscripts / dcforum+ | 1.2 | 1.2.x |
| dcscripts / dcforum | 6.23 | 6.23.x |
| dcscripts / dcforum | 2000_1.1 | 2000_1.1.x |
| dcscripts / dcforum | 6.25 | 6.25.x |
| dcscripts / dcforum | 6.1 | 6.1.x |
| dcscripts / dcforum | 6.22 | 6.22.x |
| dcscripts / dcforum+ | 1.001 | 1.001.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime