ID CVE-2006-0156
Type cve
Reporter NVD
Modified 2017-07-19T21:29:30
Description
Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in (1) addpost1.php and (2) addtopic1.php.
{"id": "CVE-2006-0156", "bulletinFamily": "NVD", "title": "CVE-2006-0156", "description": "Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in (1) addpost1.php and (2) addtopic1.php.", "published": "2006-01-10T06:03:00", "modified": "2017-07-19T21:29:30", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0156", "reporter": "NVD", "references": ["http://evuln.com/vulns/20", "http://www.securityfocus.com/bid/16172", "http://securityreason.com/securityalert/325", "https://exchange.xforce.ibmcloud.com/vulnerabilities/24043", "http://www.vupen.com/english/advisories/2006/0121", "http://www.securityfocus.com/archive/1/archive/1/421277/100/0/threaded"], "cvelist": ["CVE-2006-0156"], "type": "cve", "lastseen": "2017-07-20T10:49:02", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:foxrum:foxrum:4.0.4f"], "cvelist": ["CVE-2006-0156"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in (1) addpost1.php and (2) addtopic1.php.", "edition": 1, "enchantments": {}, "hash": "c835485705cc9ec9f97873b33d5e7d3ba5d0bdc813219d254c36886b7de3dea2", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "177aaa98ddb5b163f14e051fdf107b4e", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d526174a7c40bc8fcc5fa7a637513632", "key": "references"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "309053eabeb02a5157d25d83470cfac8", "key": "title"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "932e7b9c54dae24bdf1df096718df2b7", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "16dc5d567fd720d622864f7b243fbe0d", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d03ec2c753bdc9ab26b955448c359a23", "key": "href"}, {"hash": "6e78a5178c78dd81ea66ac93c84dabcf", "key": "cpe"}, {"hash": "2264a5661532683d27ac718f0f455cd8", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0156", "id": "CVE-2006-0156", "lastseen": "2016-09-03T06:21:11", "modified": "2011-03-07T21:29:27", "objectVersion": "1.2", "published": "2006-01-10T06:03:00", "references": ["http://evuln.com/vulns/20", "http://www.securityfocus.com/bid/16172", "http://xforce.iss.net/xforce/xfdb/24043", "http://securityreason.com/securityalert/325", "http://www.vupen.com/english/advisories/2006/0121", "http://www.securityfocus.com/archive/1/archive/1/421277/100/0/threaded"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-0156", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T06:21:11"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "6e78a5178c78dd81ea66ac93c84dabcf"}, {"key": "cvelist", "hash": "932e7b9c54dae24bdf1df096718df2b7"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "2264a5661532683d27ac718f0f455cd8"}, {"key": "href", "hash": "d03ec2c753bdc9ab26b955448c359a23"}, {"key": "modified", "hash": "9da781b64c5a32f8444bbba0f1d4bf4d"}, {"key": "published", "hash": "177aaa98ddb5b163f14e051fdf107b4e"}, {"key": "references", "hash": "a80feb1c3a7eb7591737d8c786151d97"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "309053eabeb02a5157d25d83470cfac8"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "6389a2db519e4b82cdfba8b3fc3bd6295984fbdd1ba35cbb00fe24a09be46345", "viewCount": 0, "enchantments": {"vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:foxrum:foxrum:4.0.4f"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"osvdb": [{"id": "OSVDB:22296", "type": "osvdb", "title": "foxrum url BBcode XSS", "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.foxrum.fr.st/\n[Secunia Advisory ID:18386](https://secuniaresearch.flexerasoftware.com/advisories/18386/)\nOther Advisory URL: http://www.evuln.com/vulns/20/summary.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0118.html\nKeyword: EV0020\nFrSIRT Advisory: ADV-2006-0121\n[CVE-2006-0156](https://vulners.com/cve/CVE-2006-0156)\nBugtraq ID: 16172\n", "published": "2006-01-09T14:33:20", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:22296", "cvelist": ["CVE-2006-0156"], "lastseen": "2017-04-28T13:20:19"}]}}