Lucene search

[email protected]CVE-2006-1272

HistoryMar 19, 2006 - 2:02 a.m.

CVE-2006-1272

2006-03-1902:02:00

[email protected]

web.nvd.nist.gov

mybulletin board

mybb

xss

cve-2006-1272

web security

vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field.

Affected configurations

NVD

Node

mybulletinboardmybulletinboardMatch1.0.3

CPENameOperatorVersion
mybulletinboard:mybulletinboardmybulletinboardeq1.0.3

CPE	Name	Operator	Version
mybulletinboard:mybulletinboard	mybulletinboard	eq	1.0.3

References

community.mybboard.net/showthread.php?tid=7368

kapda.ir/advisory-297.html

www.osvdb.org/23935

www.securityfocus.com/archive/1/427746/100/0/threaded

www.securityfocus.com/bid/17097

exchange.xforce.ibmcloud.com/vulnerabilities/25263

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.8%

JSON

Related for CVE-2006-1272

prion2 cvelist2 nvd2 cve1