Unrated severityNVD Advisory· Published Dec 17, 2005· Updated Apr 16, 2026
CVE-2005-4311
CVE-2005-4311
Description
Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters.
Affected products
16cpe:2.3:a:dcscripts:dcforum\+:1.0:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:dcscripts:dcforum\+:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum\+:1.001:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum\+:1.002:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum\+:1.003:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum\+:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum\+:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:2000_1.1:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:2k_1.1:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:5.11:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.21:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.22:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.23:*:*:*:*:*:*:*
- cpe:2.3:a:dcscripts:dcforum:6.25:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.