Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-2725
CVE-2004-2725
Description
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in (c) forum_2.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:aztek_forum:aztek_forum:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:aztek_forum:aztek_forum:4.0:*:*:*:*:*:*:*
- (no CPE)range: =4.0
Patches
Vulnerability mechanics
References
7- securitytracker.com/idnvdExploit
- www.securityfocus.com/bid/11654nvdExploit
- secunia.com/advisories/13202nvdVendor Advisory
- www.osvdb.org/11704nvd
- www.osvdb.org/11705nvd
- www.osvdb.org/11706nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/18057nvd
News mentions
0No linked articles in our index yet.