Lucene search

[email protected]CVE-2006-0471

HistoryJan 31, 2006 - 11:03 a.m.

CVE-2006-0471

2006-01-3111:03:00

[email protected]

web.nvd.nist.gov

cve

2006

0471

cross-site scripting

xss

vulnerability

functions.php

bbcode

my little homepage

my little forum

remote attackers

javascript uri

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.

Affected configurations

NVD

Node

my_little_homepagemy_little_forumMatch2004-04-20

CPENameOperatorVersion
my_little_homepage:my_little_forummy little homepage my little forumeq2004-04-20

CPE	Name	Operator	Version
my_little_homepage:my_little_forum	my little homepage my little forum	eq	2004-04-20

References

attrition.org/pipermail/vim/2006-January/000520.html

evuln.com/vulns/51/

evuln.com/vulns/51/summary.html

secunia.com/advisories/18628

www.osvdb.org/22856

www.securityfocus.com/archive/1/423167/100/0/threaded

www.securityfocus.com/bid/16395

www.vupen.com/english/advisories/2006/0349

exchange.xforce.ibmcloud.com/vulnerabilities/24310

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2006-0471

cvelist1 prion1 nvd1