Lucene search

[email protected]CVE-2006-1916

HistoryApr 20, 2006 - 6:06 p.m.

CVE-2006-1916

2006-04-2018:06:00

[email protected]

web.nvd.nist.gov

cve-2006-1916

cross-site scripting

xss

dbbs

security vulnerabilities

web script injection

html injection

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.8 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters.

Affected configurations

NVD

Node

dbbsdbbsRange≤2.0-alpha

dbbsdbbsMatch2.0

CPENameOperatorVersion
dbbs:dbbsdbbsle2.0-alpha
dbbs:dbbsdbbseq2.0

CPE	Name	Operator	Version
dbbs:dbbs	dbbs	le	2.0-alpha
dbbs:dbbs	dbbs	eq	2.0

References

securityreason.com/securityalert/771

www.securityfocus.com/archive/1/431117

www.securityfocus.com/bid/17559

exchange.xforce.ibmcloud.com/vulnerabilities/25923

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.8 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

Related for CVE-2006-1916

nvd1 prion1 cvelist1