[email protected]CVE-2006-3308

HistoryJun 29, 2006 - 1:05 a.m.

CVE-2006-3308

2006-06-2901:05:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-3308

vulnerability

wpprop code

project eros

bbsengine

remote attack vectors

cross-site scripting

xss

7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.7%

JSON

Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).

CPENameOperatorVersion
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-05-09
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-05-12
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-02-23
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-05-19
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-05-20
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-05-01
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsenginele2006-06-21
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-05-10
zoid_technologies:project_eros_bbsenginezoid technologies project eros bbsengineeq2006-04-29

CPE	Name	Operator	Version
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-05-09
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-05-12
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-02-23
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-05-19
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-05-20
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-05-01
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	le	2006-06-21
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-05-10
zoid_technologies:project_eros_bbsengine	zoid technologies project eros bbsengine	eq	2006-04-29

References

secunia.com/advisories/20760

sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388

www.securityfocus.com/bid/18627

www.vupen.com/english/advisories/2006/2503

exchange.xforce.ibmcloud.com/vulnerabilities/27488

7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.7%

JSON