Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2725

Description

Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in (c) forum_2.php.

Affected products

Aztek Forum/Aztek Forum
cpe:2.3:a:aztek_forum:aztek_forum:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
www.securityfocus.com/bid/11654nvdExploit
secunia.com/advisories/13202nvdVendor Advisory
www.osvdb.org/11704nvd
www.osvdb.org/11705nvd
www.osvdb.org/11706nvd
exchange.xforce.ibmcloud.com/vulnerabilities/18057nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000