Lucene search

[email protected]CVE-2006-1151

HistoryMar 10, 2006 - 11:02 a.m.

CVE-2006-1151

2006-03-1011:02:00

[email protected]

web.nvd.nist.gov

cve

2006

1151

cross-site scripting

m-phorum

nvd

security vulnerability

web script

html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%

JSON

Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter.

Affected configurations

NVD

Node

m_phorumm_phorumMatch0.2

CPENameOperatorVersion
m_phorum:m_phorumm phorumeq0.2

CPE	Name	Operator	Version
m_phorum:m_phorum	m phorum	eq	0.2

References

biyosecurity.be/bugs/mphorum.txt

secunia.com/advisories/19121

securityvulns.com/Ldocument750.html

securityvulns.com/source13951.html

www.osvdb.org/23951

www.securityfocus.com/archive/1/427165/100/0/threaded

www.securityfocus.com/archive/1/477253/100/0/threaded

www.securityfocus.com/bid/25394

exchange.xforce.ibmcloud.com/vulnerabilities/25312

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%

JSON

Related for CVE-2006-1151

cvelist1 prion1 nvd1