ID CVE-2006-2874Type cveReporter NVDModified 2017-07-19T21:31:51
Description
Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments.
{"id": "CVE-2006-2874", "bulletinFamily": "NVD", "title": "CVE-2006-2874", "description": "Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a \"Security Leak to lock in HTML-Code,\" possibly due to a cross-site scripting (XSS) vulnerability involving comments.", "published": "2006-06-06T16:06:00", "modified": "2017-07-19T21:31:51", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2874", "reporter": "NVD", "references": ["http://www.securityfocus.com/bid/18280", "http://sourceforge.net/project/shownotes.php?release_id=422081", "https://exchange.xforce.ibmcloud.com/vulnerabilities/26914", "http://www.vupen.com/english/advisories/2006/2143", "http://osads.sourceforge.net/viewtopic.php?t=3"], "cvelist": ["CVE-2006-2874"], "type": "cve", "lastseen": "2017-07-20T10:49:20", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:osads_alliance_database:osads_alliance_database:1.2", "cpe:/a:osads_alliance_database:osads_alliance_database:1.1", "cpe:/a:osads_alliance_database:osads_alliance_database:1.3"], "cvelist": ["CVE-2006-2874"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a \"Security Leak to lock in HTML-Code,\" possibly due to a cross-site scripting (XSS) vulnerability involving comments.", "edition": 1, "enchantments": {}, "hash": "9238192700ab5a84e9e8ae913957c5463c3d98a59d99bd9f981cb23698388243", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "2335f691a010155b2edb10568d0d2b84", "key": "modified"}, {"hash": "7c2ffb39c3f276559a61864a0a616c2b", "key": "href"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "8c63b240dc99c1144f2f7234c0ef8c74", "key": "cvelist"}, {"hash": "49e6a8581dc22645e037383b579cb05a", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "3697a1f5a132d427f182d76f0d730f6e", "key": "cpe"}, {"hash": "c9ff51e5b25d9e16d3a8d57d20773c8d", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "ac8f4f2f60890cbdfc2cc1ed21e3bf93", "key": "description"}, {"hash": "c3e6d9733d92bcfc220755e19b9f70cd", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2874", "id": "CVE-2006-2874", "lastseen": "2016-09-03T07:03:58", "modified": "2011-03-07T21:37:10", "objectVersion": "1.2", "published": "2006-06-06T16:06:00", "references": ["http://www.securityfocus.com/bid/18280", "http://sourceforge.net/project/shownotes.php?release_id=422081", "http://xforce.iss.net/xforce/xfdb/26914", "http://www.vupen.com/english/advisories/2006/2143", "http://osads.sourceforge.net/viewtopic.php?t=3"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-2874", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T07:03:58"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "3697a1f5a132d427f182d76f0d730f6e"}, {"key": "cvelist", "hash": "8c63b240dc99c1144f2f7234c0ef8c74"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "ac8f4f2f60890cbdfc2cc1ed21e3bf93"}, {"key": "href", "hash": "7c2ffb39c3f276559a61864a0a616c2b"}, {"key": "modified", "hash": "5ac5e4f2285842a85626614176fea8bc"}, {"key": "published", "hash": "49e6a8581dc22645e037383b579cb05a"}, {"key": "references", "hash": "70f4fd07e9b2ccf9255c78650ef6efc2"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "c9ff51e5b25d9e16d3a8d57d20773c8d"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "4cc92675f584c4361133bc488a7b7f77e041b9ef7e2d58f76e9859a3fc86fbf2", "viewCount": 0, "enchantments": {"vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:osads_alliance_database:osads_alliance_database:1.2", "cpe:/a:osads_alliance_database:osads_alliance_database:1.1", "cpe:/a:osads_alliance_database:osads_alliance_database:1.3"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"osvdb": [{"id": "OSVDB:25984", "type": "osvdb", "title": "OSADS Board Comment Body XSS", "description": "## Solution Description\nUpgrade to version 1.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://osads.sourceforge.net/\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=422081\n[Secunia Advisory ID:20441](https://secuniaresearch.flexerasoftware.com/advisories/20441/)\nFrSIRT Advisory: ADV-2006-2143\n[CVE-2006-2874](https://vulners.com/cve/CVE-2006-2874)\nBugtraq ID: 18280\n", "published": "2006-06-03T10:05:21", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:25984", "cvelist": ["CVE-2006-2874"], "lastseen": "2017-04-28T13:20:22"}]}}
