CVE-2004-2511

Name: CVE-2004-2511
Creator: NVD / NIST
Published: 2004-12-31T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.32%

Last modified Jun 16, 2026

CVE-2004-2511 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters in calendar.php; (4) the cid and (5) url parameters in index.php; (6) the cid parameter in annoucement.php; (7) the cid parameter in news.php; (8) the cid parameter in contents.php; (9) the q parameter in search.php; and (10) the country parameter in register.php.. EPSS estimates a 5.32% chance of exploitation in the next 30 days.

Description

Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters in calendar.php; (4) the cid and (5) url parameters in index.php; (6) the cid parameter in annoucement.php; (7) the cid parameter in news.php; (8) the cid parameter in contents.php; (9) the q parameter in search.php; and (10) the country parameter in register.php.

Metrics

EPSS Probability

5.32%

91.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Codeworx Technologies	Dcp-Portal	<= 5.3.2
Codeworx Technologies	Dcp-Portal	3.7
Codeworx Technologies	Dcp-Portal	4.0
Codeworx Technologies	Dcp-Portal	4.1
Codeworx Technologies	Dcp-Portal	4.2
Codeworx Technologies	Dcp-Portal	4.5.1
Codeworx Technologies	Dcp-Portal	5.0.1
Codeworx Technologies	Dcp-Portal	5.0.2
Codeworx Technologies	Dcp-Portal	5.1
Codeworx Technologies	Dcp-Portal	5.2
Codeworx Technologies	Dcp-Portal	5.3
Codeworx Technologies	Dcp-Portal	5.3.1

References

http://archives.neohapsis.com/archives/bugtraq/2004-10/0042.htmlExploit
http://secunia.com/advisories/12751Exploit, Vendor Advisory
http://securitytracker.com/id?1006351Exploit
http://www.osvdb.org/10585Exploit
http://www.osvdb.org/10587Exploit
http://www.osvdb.org/10588Exploit
http://www.osvdb.org/10589Exploit
http://www.osvdb.org/10590Exploit
http://www.osvdb.org/11405Exploit
http://www.securityfocus.com/bid/11338Exploit
http://www.securityfocus.com/bid/11339Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/17638
https://exchange.xforce.ibmcloud.com/vulnerabilities/17639
http://archives.neohapsis.com/archives/bugtraq/2004-10/0042.htmlExploit
http://secunia.com/advisories/12751Exploit, Vendor Advisory
http://securitytracker.com/id?1006351Exploit
http://www.osvdb.org/10585Exploit
http://www.osvdb.org/10587Exploit
http://www.osvdb.org/10588Exploit
http://www.osvdb.org/10589Exploit
http://www.osvdb.org/10590Exploit
http://www.osvdb.org/11405Exploit
http://www.securityfocus.com/bid/11338Exploit
http://www.securityfocus.com/bid/11339Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/17638
https://exchange.xforce.ibmcloud.com/vulnerabilities/17639

Timeline

Published: Dec 31, 2004
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2004-2511?

How severe is CVE-2004-2511?

Severity scoring for CVE-2004-2511 is pending analysis. The EPSS model estimates a 5.32% probability of exploitation in the next 30 days.

How do I fix CVE-2004-2511?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-2511?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST