Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1

Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1

CVE-2005-2564 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file.

Learn more about our Web Application Penetration Testing UK.