CVE-2004-2085

N/A Unknown

Published: February 04, 2004 Modified: April 16, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) the sid parameter to comments.php, (2) the cid, cf, or rfd parameters to category.php, or the cid parameter to (3) input.php, (4) browse.php, (5) themes/facade/header.php, or (6) themes/phpcc/header.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/browse.php?r1=1.5&r2=1.6

Source: cve@mitre.org

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/category.php?r1=1.4&r2=1.5

Source: cve@mitre.org

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/comments.php?r1=1.1&r2=1.2

Source: cve@mitre.org

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/input.php?r1=1.7&r2=1.8

Source: cve@mitre.org

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/themes/facade/header.php?r1=1.4&r2=1.5

Source: cve@mitre.org

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/themes/phpcc/header.php?r1=1.4&r2=1.5

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/10862

Source: cve@mitre.org

http://securitytracker.com/id?1009012

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?release_id=214860

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/16710

Source: cve@mitre.org

http://www.osvdb.org/16711

Source: cve@mitre.org

http://www.osvdb.org/3885

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/3886

Source: cve@mitre.org

Patch Vendor Advisory

http://www.osvdb.org/3887

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/9601

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/9645

Source: cve@mitre.org

Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15190

Source: cve@mitre.org

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/browse.php?r1=1.5&r2=1.6

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/category.php?r1=1.4&r2=1.5

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/comments.php?r1=1.1&r2=1.2

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/input.php?r1=1.7&r2=1.8

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/themes/facade/header.php?r1=1.4&r2=1.5

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://cvs.sourceforge.net/viewcvs.py/phpcodecabinet/phpcc/themes/phpcc/header.php?r1=1.4&r2=1.5

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/10862

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1009012

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/project/shownotes.php?release_id=214860

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/16710

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/16711

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/3885

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/3886

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.osvdb.org/3887

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/bid/9601

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/bid/9645

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15190

Source: af854a3a-2127-422b-91ae-364da2661108

34 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

3.1%

87th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

brad_fears