Lucene search

[email protected]CVE-2006-0661

HistoryFeb 13, 2006 - 11:06 a.m.

CVE-2006-0661

2006-02-1311:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0661

xss

scriptme

sme gb host

sme blog host

remote attackers

web script

html

bbcode

url tag

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.9%

JSON

Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote attackers to inject arbitrary web script or HTML via the BBcode url tag.

CPENameOperatorVersion
scriptme:sme_blog_hostscriptme sme blog hosteq*
scriptme:sme_gb_hostscriptme sme gb hosteq1.21

CPE	Name	Operator	Version
scriptme:sme_blog_host	scriptme sme blog host	eq	*
scriptme:sme_gb_host	scriptme sme gb host	eq	1.21

References

evuln.com/vulns/65/summary.html

secunia.com/advisories/18786

securityreason.com/securityalert/447

www.securityfocus.com/bid/16585

www.vupen.com/english/advisories/2006/0504

exchange.xforce.ibmcloud.com/vulnerabilities/24543

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.9%

JSON

Related for CVE-2006-0661

securityvulns1 prion1