VYPR
Unrated severityNVD Advisory· Published Dec 17, 2005· Updated Jun 16, 2026

CVE-2005-4311

CVE-2005-4311

Description

Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • Dcscripts/Dcforum\+16 versions
    cpe:2.3:a:dcscripts:dcforum\+:1.0:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:dcscripts:dcforum\+:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum\+:1.001:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum\+:1.002:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum\+:1.003:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum\+:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum\+:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:2000_1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:2k_1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.21:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.22:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.23:*:*:*:*:*:*:*
    • cpe:2.3:a:dcscripts:dcforum:6.25:*:*:*:*:*:*:*
  • DCForum/DCForumllm-create
    Range: <=6.25

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.